1. Auto Reboot @ 4am everyday with log. # PowerShell Script: Schedule daily auto reboot at 4 AM with logging # Define log directory and file $LogDir = "C:\RebootLogs" $LogFile = "$LogDir\reboot_log.txt" # Create log folder if it doesn't exist if (-not (Test-Path $LogDir)) { New-Item -Path $LogDir -ItemType Directory | Out-Null } # Create a secondary PowerShell script that writes to the log and reboots $RebootScript = @" `$(Get-Date -Format "yyyy-MM-dd HH:mm:ss") - System scheduled reboot initiated." | Out-File -Append "$LogFile" shutdown.exe /r /f /t 0 "@ # Save the reboot script to a fixed location $ScriptPath = "$LogDir\run_reboot.ps1" $RebootScript | Set-Content -Path $ScriptPath -Encoding UTF8 # Define the task action — runs PowerShell silently as SYSTEM $Action = New-ScheduledTaskAction -Execute "powershell.exe" -Argument "-NoProfile -WindowStyle Hidden -ExecutionPolicy Bypass -File `"$ScriptPath`"" # Define trigger: daily at 4:00 AM $Trigger = New-ScheduledTaskTrigger -Daily -At 4:00am # Settings: allow on battery, run as soon as possible if missed $Settings = New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DontStopIfGoingOnBatteries -StartWhenAvailable # Register the scheduled task under SYSTEM Register-ScheduledTask -TaskName "DailyAutoRebootWithLog" ` -Description "Automatically reboots computer daily at 4:00 AM with log entry" ` -Action $Action -Trigger $Trigger -Settings $Settings -User "SYSTEM" -RunLevel Highest Write-Host "✅ Task 'DailyAutoRebootWithLog' created successfully." Write-Host "Logs will be written to: $LogFile" ======================================================================================================================================================= 2. DJ Group LLC Admin Account # POWERSHELL - DJ Group LLC (Admin Account) # NOTE: Run as Administrator # ============================= # === SECTION 0: UTILITIES === # ============================= $ErrorActionPreference = 'SilentlyContinue' function Write-Info($msg) { Write-Host $msg -ForegroundColor Cyan } function Write-Ok($msg) { Write-Host "[OK] $msg" -ForegroundColor Green } function Write-Warn($msg) { Write-Host $msg -ForegroundColor Yellow } function Write-Err($msg) { Write-Host $msg -ForegroundColor Red } # Disable-StartupApps: # Removes startup entries from HKCU/HKLM Run keys and Startup folders, except names in $KeepList function Disable-StartupApps { param( [string[]] $KeepList = @() ) Write-Warn "Disabling startup apps..." $runPaths = @( "HKCU:\Software\Microsoft\Windows\CurrentVersion\Run", "HKLM:\Software\Microsoft\Windows\CurrentVersion\Run" ) foreach ($path in $runPaths) { if (Test-Path $path) { $props = (Get-ItemProperty $path) | Select-Object -ExcludeProperty PS*, "(default)" foreach ($p in $props.PSObject.Properties) { $name = $p.Name if ($KeepList -notcontains $name) { Remove-ItemProperty -Path $path -Name $name -ErrorAction SilentlyContinue } } } } # Startup folders (All Users and Current User) $startupFolders = @( "$env:ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp", "$env:AppData\Microsoft\Windows\Start Menu\Programs\Startup" ) foreach ($folder in $startupFolders) { if (Test-Path $folder) { Get-ChildItem $folder -File | Where-Object { $KeepList -notcontains $_.BaseName } | Remove-Item -Force -ErrorAction SilentlyContinue } } Write-Ok "Startup apps disabled (except keep list)." } # Create or replace a SYSTEM scheduled task for daily reboot @ 3:00 AM function Ensure-DailyRebootTask { $taskName = "DJGL_DailyReboot_3AM" Write-Warn "Configuring daily 3:00 AM reboot task ($taskName)..." try { if (Get-ScheduledTask -TaskName $taskName -ErrorAction SilentlyContinue) { Unregister-ScheduledTask -TaskName $taskName -Confirm:$false } } catch {} $action = New-ScheduledTaskAction -Execute "shutdown.exe" -Argument "/r /f /t 0" $trigger = New-ScheduledTaskTrigger -Daily -At 3:00AM $settings = New-ScheduledTaskSettingsSet -StartWhenAvailable -WakeToRun ` -AllowStartIfOnBatteries -DontStopIfGoingOnBatteries $principal = New-ScheduledTaskPrincipal -UserId "SYSTEM" -RunLevel Highest $task = New-ScheduledTask -Action $action -Trigger $trigger -Settings $settings -Principal $principal Register-ScheduledTask -TaskName $taskName -InputObject $task -Force | Out-Null Write-Ok "Daily reboot scheduled at 3:00 AM (runs as SYSTEM, highest privileges)." } # ============================= # === SECTION 1: ONEDRIVE ==== # ============================= Write-Warn "Uninstalling OneDrive..." Stop-Process -Name OneDrive -ErrorAction SilentlyContinue Start-Sleep -Seconds 2 if ([Environment]::Is64BitOperatingSystem) { & "$env:SystemRoot\SysWOW64\OneDriveSetup.exe" /uninstall } else { & "$env:SystemRoot\System32\OneDriveSetup.exe" /uninstall } Remove-Item "$env:UserProfile\OneDrive","$env:LocalAppData\Microsoft\OneDrive","$env:ProgramData\Microsoft OneDrive" -Recurse -Force -ErrorAction SilentlyContinue Write-Ok "OneDrive removed." # ============================= # === SECTION 2: CHROME ==== # ============================= Write-Warn "Checking Google Chrome..." $chromeReg = Get-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome" -ErrorAction SilentlyContinue if (-not $chromeReg) { Write-Warn "Google Chrome not found. Installing..." $chromeInstaller = "$env:TEMP\ChromeSetup.exe" Invoke-WebRequest "https://dl.google.com/chrome/install/latest/chrome_installer.exe" -OutFile $chromeInstaller Start-Process $chromeInstaller -ArgumentList "/silent /install" -Wait Remove-Item $chromeInstaller -Force Write-Ok "Google Chrome installed." } else { Write-Ok "Google Chrome already installed. Skipping download." } # ============================= # === SECTION 3: STARTUP ==== # ============================= $keepList = @("Google Chrome","chrome","printer","Print","Spooler","HP","Brother","Canon","Epson") Disable-StartupApps -KeepList $keepList # ======================================= # === SECTION 4: POWER / UI / APPS ==== # ======================================= Write-Warn "Applying power & UI settings..." powercfg -setactive SCHEME_MIN | Out-Null powercfg -change -monitor-timeout-ac 0 powercfg -change -standby-timeout-ac 0 powercfg -change -hibernate-timeout-ac 0 powercfg /setacvalueindex SCHEME_MIN SUB_BUTTONS PBUTTONACTION 0 powercfg /setacvalueindex SCHEME_MIN SUB_BUTTONS LIDACTION 0 # Visual effects off, background blank Set-ItemProperty "HKCU:\Control Panel\Desktop" -Name "UserPreferencesMask" -Value ([byte[]](0x90,0x12,0x03,0x80,0x10,0x00,0x00,0x00)) Set-ItemProperty "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\VisualEffects" -Name "VisualFXSetting" -Value 2 Set-ItemProperty "HKCU:\Control Panel\Colors" -Name "Background" -Value "0 0 0" Set-ItemProperty "HKCU:\Control Panel\Desktop" -Name "Wallpaper" -Value "" RUNDLL32.EXE user32.dll,UpdatePerUserSystemParameters # Kill all Store apps quickly (best effort) Get-AppxPackage | ForEach-Object { Stop-Process -Name $_.Name -ErrorAction SilentlyContinue } # Background apps & taskbar/search/news/ads reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications" /v GlobalUserDisabled /t REG_DWORD /d 1 /f | Out-Null reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Feeds" /v ShellFeedsTaskbarViewMode /t REG_DWORD /d 2 /f | Out-Null reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Search" /v SearchboxTaskbarMode /t REG_DWORD /d 0 /f | Out-Null reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v SubscribedContent-310093Enabled /t REG_DWORD /d 0 /f | Out-Null reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v SubscribedContent-338387Enabled /t REG_DWORD /d 0 /f | Out-Null # Telemetry & WER reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\DataCollection" /v AllowTelemetry /t REG_DWORD /d 0 /f | Out-Null reg add "HKLM\SOFTWARE\Microsoft\Windows\Windows Error Reporting" /v Disabled /t REG_DWORD /d 1 /f | Out-Null # Timezone tzutil /s "Eastern Standard Time" Write-Ok "Power & UI settings applied." # ======================================= # === SECTION 5: UPDATES / LOCKSCREEN === # ======================================= Write-Warn "Disabling Windows Update & lock screen content..." Stop-Service -Name wuauserv -Force Set-Service -Name wuauserv -StartupType Disabled reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v NoAutoUpdate /t REG_DWORD /d 1 /f | Out-Null reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v AUOptions /t REG_DWORD /d 1 /f | Out-Null reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\CloudContent" /v DisableWindowsSpotlightFeatures /t REG_DWORD /d 1 /f | Out-Null reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Personalization" /v NoLockScreen /t REG_DWORD /d 1 /f | Out-Null reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\CloudContent" /v DisableConsumerFeatures /t REG_DWORD /d 1 /f | Out-Null reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v RotatingLockScreenOverlayEnabled /t REG_DWORD /d 0 /f | Out-Null reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v RotatingLockScreenEnabled /t REG_DWORD /d 0 /f | Out-Null reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v SubscribedContent-338389Enabled /t REG_DWORD /d 0 /f | Out-Null Write-Ok "Windows Update & lock screen features disabled." # ======================================= # === SECTION 6: EDGE & BLOATWARE === # ======================================= Write-Warn "Removing Microsoft Edge..." $edgeBases = @("C:\Program Files (x86)\Microsoft\Edge\Application","C:\Program Files\Microsoft\Edge\Application") foreach ($base in $edgeBases) { Get-ChildItem "$base" -Directory -ErrorAction SilentlyContinue | ForEach-Object { $setup = Join-Path $base "$($_.Name)\Installer\setup.exe" if (Test-Path $setup) { Start-Process $setup -ArgumentList "--uninstall --system-level --force-uninstall" -Wait } } } Write-Ok "Edge removal attempted." Write-Warn "Removing bloatware apps..." $appsToRemove = @( "Microsoft.3DViewer","Microsoft.BingWeather","Microsoft.GetHelp","Microsoft.Getstarted", "Microsoft.Microsoft3DViewer","Microsoft.MicrosoftOfficeHub","Microsoft.MicrosoftSolitaireCollection", "Microsoft.MicrosoftStickyNotes","Microsoft.MixedReality.Portal","Microsoft.OneConnect", "Microsoft.People","Microsoft.SkypeApp","Microsoft.Wallet","Microsoft.Xbox*","Microsoft.ZuneMusic", "Microsoft.ZuneVideo","Microsoft.YourPhone","Microsoft.Whiteboard","Microsoft.Office.OneNote", "Clipchamp.Clipchamp","Microsoft.Todos","Microsoft.WindowsMaps","Microsoft.GamingApp", "Microsoft.WindowsFeedbackHub" ) foreach ($app in $appsToRemove) { Get-AppxPackage -Name $app -AllUsers | Remove-AppxPackage -AllUsers -ErrorAction SilentlyContinue Get-AppxProvisionedPackage -Online | Where-Object DisplayName -Like $app | Remove-AppxProvisionedPackage -Online -ErrorAction SilentlyContinue } Write-Ok "Bloatware removal attempted." # ======================================= # === SECTION 7: SCHEDULE REBOOT === # ======================================= Ensure-DailyRebootTask # ======================================= # === SECTION 8: FINALIZE === # ======================================= Write-Warn "Restarting Explorer..." Stop-Process -Name explorer -Force Start-Process explorer Write-Ok "PC fully optimized. Rebooting in 10 seconds..." Start-Sleep -Seconds 10 Restart-Computer -Force =================================================================================================================================================== 3. POS User Account # =================================================================== # POWERSHELL - POS User Setup (No Auto-Refresh) # Description: Configures POS kiosk mode with Chrome, hides desktop, # disables Task Manager & hotkeys, enables touch keyboard, sets Chrome # as default browser, and replaces user shell with kiosk launcher. # =================================================================== # === 1. Define Settings === $chromePath = "C:\Program Files\Google\Chrome\Application\chrome.exe" $kioskURL = "https://djgroupllc.com/login" $startupFolder = "$env:APPDATA\Microsoft\Windows\Start Menu\Programs\Startup" # === 2. Create Kiosk Launcher BAT File === $kioskScript = @' @echo off :start tasklist | find /i "chrome.exe" >nul if errorlevel 1 ( start "" "C:\Program Files\Google\Chrome\Application\chrome.exe" --kiosk --kiosk-printing https://djgroupllc.com/login ) timeout /t 5 >nul goto start '@ $kioskFile = "$env:USERPROFILE\kiosk.bat" Set-Content -Path $kioskFile -Value $kioskScript # === 3. Replace Shell (Per-User Only) === New-ItemProperty -Path "HKCU:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" ` -Name "Shell" -Value "$kioskFile" -PropertyType String -Force | Out-Null # === 4. Enable On-Screen Keyboard === New-ItemProperty -Path "HKCU:\Software\Microsoft\TabletTip\1.7" ` -Name "EnableDesktopModeAutoInvoke" -Value 1 -PropertyType DWORD -Force | Out-Null New-ItemProperty -Path "HKCU:\Software\Microsoft\TabletTip\1.7" ` -Name "EdgeTargetDockedState" -Value 1 -PropertyType DWORD -Force | Out-Null # === 5. Disable Task Manager & Hotkeys === New-Item -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\System" -Force | Out-Null Set-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\System" ` -Name "DisableTaskMgr" -Value 1 -Type DWord New-Item -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" -Force | Out-Null Set-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" ` -Name "NoWinKeys" -Value 1 -Type DWord # === 6. Auto-hide Taskbar === $bytes = (Get-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\StuckRects3").Settings $bytes[8] = 3 Set-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\StuckRects3" ` -Name "Settings" -Value $bytes Stop-Process -Name explorer -Force Start-Process explorer # === 7. Hide Desktop Icons === reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v NoDesktop /t REG_DWORD /d 1 /f $shell = New-Object -ComObject Shell.Application $shell.ToggleDesktop() Start-Sleep -Milliseconds 500 $shell.ToggleDesktop() # === 8. Set Chrome as Default Browser === $chromeRegPath = "HKCU:\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\http\UserChoice" New-Item -Path $chromeRegPath -Force | Out-Null Set-ItemProperty -Path $chromeRegPath -Name "ProgId" -Value "ChromeHTML" # === 9. Log Out to Apply Shell Change === shutdown.exe /l =================================================================================================================================================== 4. ADMIN - AUTO POWER OFF AFTER 3 DAYS # =================================================================== # Auto Power-Off Every 3 Days at 3:00 AM (with immediate reboot now) # Run this from an elevated (Administrator) PowerShell window. # =================================================================== # ---- CONFIG: choose Shutdown or Restart for the scheduled action ---- $Action = "Shutdown" # Options: "Shutdown" or "Restart" # ---- Sanity: ensure elevation ---- $principal = New-Object Security.Principal.WindowsPrincipal([Security.Principal.WindowsIdentity]::GetCurrent()) if (-not $principal.IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator)) { Write-Host "Please run this script as Administrator." -ForegroundColor Red exit 1 } # ---- Names and paths ---- $TaskName = "POS_Every3Days_3AM_PowerAction" $TaskScriptPath = "C:\POS_Shutdown_Every3Days.ps1" $LogPath = "C:\POS_Shutdown_Log.txt" # ---- Compute first run: 3 days from today, 03:00 (local) ---- $startDate = (Get-Date).Date.AddDays(3) # midnight three days from today $startDateStr = $startDate.ToString("MM/dd/yyyy") $startTimeStr = "03:00" Write-Host "Scheduling first run for $startDateStr $startTimeStr and then every 3 days." -ForegroundColor Cyan # ---- Create the task payload script (runs as SYSTEM at schedule) ---- $payload = @" `$mode = '$Action' `$ts = Get-Date -Format 'yyyy-MM-dd HH:mm:ss' Add-Content -Path '$LogPath' -Value ""`$ts - Scheduled `$mode initiated by task."" if (`$mode -eq 'Restart') { Restart-Computer -Force } else { Stop-Computer -Force } "@ Set-Content -Path $TaskScriptPath -Value $payload -Encoding UTF8 -Force # ---- Remove existing task (if any) to avoid conflicts ---- schtasks /Query /TN "$TaskName" > $null 2>&1 if ($LASTEXITCODE -eq 0) { Write-Host "Existing task found. Deleting $TaskName ..." -ForegroundColor Yellow schtasks /Delete /TN "$TaskName" /F | Out-Null } # ---- Create the scheduled task (runs as SYSTEM, highest privileges) ---- $createCmd = @( '/Create', "/TN", "$TaskName", "/SC", "DAILY", "/MO", "3", "/ST", $startTimeStr, "/SD", $startDateStr, "/TR", "powershell.exe -NoProfile -ExecutionPolicy Bypass -File `"$TaskScriptPath`"", "/RU", "SYSTEM", "/RL", "HIGHEST", "/F" ) Write-Host "Creating scheduled task $TaskName ..." -ForegroundColor Green schtasks @createCmd | Out-Null # ---- Confirm schedule ---- schtasks /Query /TN "$TaskName" /V /FO LIST Write-Host "" Write-Host "Task created. Logging to: $LogPath" -ForegroundColor Green Write-Host "Rebooting now to start the 3-day cycle baseline..." -ForegroundColor Green # ---- Immediate reboot to start the baseline today ---- Restart-Computer -Force