SCCM Script – Force Remove Flash
Well, Flash is finally dead and you probably want to get it off all your systems. Here is a script that you can use to uninstall flash and remove all leftover folders. See my post here to learn how to create and run a script in SCCM. The script leverages the uninstall tool that adobe provides here and also removes the app data folders for each user. The only thing you need to modify in this script is the source path where you put the uninstaller. You may want to re-hash the when you download it as well just in case its different than what in the script.
EDIT 3-19-21: I have run into additional permission issues on some PCs where, for some reason, ‘Trusted Installer’ is the owner of the Flash folders. Below is the updated script that handles this issue by giving ‘System’ ownership of the folder.
#Create a temp dir if its not already there and copy the uninstall tool
$dir = "C:\temp"
mkdir $dir
robocopy "\\Put\Source\Path\Here" "C:\temp" uninstall_flash_player.exe
#Get hash value of the file we just copied... JUUUUST in case
$hash_value = Get-FileHash -Path "C:\temp\uninstall_flash_player.exe"
#Compare the hash value and only run the exe if they match
if ($hash_value -eq "3319A87F23773CEA36181069FA0832AC1264A7D49CEA9BF7C78DA6C650871D47") {
$acl = Get-Acl C:\Windows\SysWOW64\Macromed\Flash
$AccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule("NT AUTHORITY\SYSTEM","FullControl","Allow")
$acl.SetAccessRule($AccessRule)
$acl | Set-Acl C:\Windows\SysWOW64\Macromed\Flash
$acl = Get-Acl C:\Windows\SysWOW64\Macromed\Flash
$object = New-Object System.Security.Principal.Ntaccount("NT AUTHORITY\SYSTEM")
$acl.SetOwner($object)
$acl | Set-Acl C:\Windows\SysWOW64\Macromed\Flash
foreach($_ in (Get-ChildItem "C:\Windows\SysWOW64\Macromed\Flash" -recurse)){
$acl = Get-Acl $_.fullname
$object = New-Object System.Security.Principal.Ntaccount("NT AUTHORITY\SYSTEM")
$acl.SetOwner($object)
$AccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule("NT AUTHORITY\SYSTEM","FullControl","Allow")
$acl.SetAccessRule($AccessRule)
$acl.SetAccessRuleProtection($false,$true)
$acl | Set-Acl $_.fullname
Set-ItemProperty $acl -name IsReadOnly -value $false
}
$acl = Get-Acl C:\Windows\system32\Macromed\Flash
$AccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule("NT AUTHORITY\SYSTEM","FullControl","Allow")
$acl.SetAccessRule($AccessRule)
$acl | Set-Acl C:\Windows\system32\Macromed\Flash
$acl = Get-Acl C:\Windows\system32\Macromed\Flash
$object = New-Object System.Security.Principal.Ntaccount("NT AUTHORITY\SYSTEM")
$acl.SetOwner($object)
$acl | Set-Acl C:\Windows\system32\Macromed\Flash
foreach($_ in (Get-ChildItem "C:\Windows\system32\Macromed\Flash" -recurse)){
$acl = Get-Acl $_.fullname
$object = New-Object System.Security.Principal.Ntaccount("NT AUTHORITY\SYSTEM")
$acl.SetOwner($object)
$AccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule("NT AUTHORITY\SYSTEM","FullControl","Allow")
$acl.SetAccessRule($AccessRule)
$acl.SetAccessRuleProtection($false,$true)
$acl | Set-Acl $_.fullname
Set-ItemProperty $acl -name IsReadOnly -value $false
}
#Run the uninstall too silently
cmd /c "C:\temp\uninstall_flash_player.exe /uninstall"
#Remove system folders that get left behind from the uninstall tool
Remove-Item -Path "C:\Windows\system32\Macromed\Flash" -Recurse -Force -Confirm:$false
Remove-Item -Path "C:\Windows\SysWOW64\Macromed\Flash" -Recurse -Force -Confirm:$false
#Get all users
$users = Get-ChildItem -Path "C:\users\" | Select-Object -ExpandProperty name
#Loop through all use
foreach ($user in $users) {
Remove-Item -Path "C:\users\$user\AppData\Roaming\Adobe\Flash Player" -Recurse -Force -Confirm:$false
Remove-Item -Path "C:\users\$user\AppData\Roaming\Macromedia\Flash Player" -Recurse -Force -Confirm:$false
}
}
#Remove the uninstall tool since we are done with it
Remove-Item -Path "C:\temp\uninstall_flash_player.exe" -Force -Confirm:$false
3 comments