Created: 1/22/14

Updated: 8/17/21

Note: the most current revisions are at the bottom of the page, this is an organically growing script with revision history. 😉

Below is a all-in-one IT troubleshooting script I’ve been working on over the years and wanted to provide the source code for all to use.

Hope it helps others as it has me, it’s a constant work in progress. 😀

Updated Code (Revision 2): 8/30/20

@echo off
color 0A
title Ultimate Command Prompt All-in-One.

:start
echo Welcome, %USERNAME%
echo What would you like to do?
echo.
echo. -Shutdown Options-
echo.
echo 1. Shutdown in specified time
echo 2. Shutdown at a specified time
echo 3. Shutdown now
echo 4. Restart now
echo 5. Log off now
echo.
echo. -Defrag Options-
echo.
echo 6. Defrag (C:)
echo 7. Defrag (E:)
echo 8. Defrag (F:)
echo.
echo. -Detailed IP Information-
echo.
echo 9. IP Config (Full)
echo 10 IP Config -Release-
echo 11. IP Config -Renew-
echo 12. DNS Flush
echo.
echo. -Advanced Port and Routing-
echo.
echo 13. Netstat (Active Ports)
echo 14. Netstat (Connections + Active Ports)
echo 15. Netstat (Routing Table)
echo 16. ARP (Mac to IP correlation)
echo.
echo. -System File Checking-
echo.
echo 17. SFC Scan (Active Scan)
echo 18. SFC Scan (Boot Scan)
echo 19. Check Disk for Errors on C: (Without scanning for bad sectors)
echo 20. Check Disk for Errors on D: (Without scanning for bad sectors)
echo 21. Check Disk for Errors on E: (Without scanning for bad sectors)
echo 22. Check Disk for Errors on F: (Without scanning for bad sectors)
echo 23. Check Disk for Errors C: (With bad sector scanning)
echo 24. Check Disk for Errors D: (With bad sector scanning)
echo 25. Check Disk for Errors E: (With bad sector scanning)
echo 26. Check Disk for Errors F: (With bad sector scanning)
echo.
echo. -Active Directory Replication-
echo.
echo 27. Check FSMO Operation Master Status
echo 28. AD Replication Status of Domain Controllers in Domain
echo 29. AD Replication Summary (Detailed)
echo 30. AD Replication Knowledge Consistency Checker (Kerberos)
echo 31. AD Replication Syncing of Domain Controller Replication
echo 32. AD Replication Syncing of Domain Controller Replication (Forced)
echo.
echo. -Active Directory Group Policy-
echo.
echo 33. Group Policy Refresh
echo 34. Group Policy Refresh (Forced)
echo 35. Group Policy User Policy Results
echo 36. Group Policy Computer Policy Results
echo 37. Group Policy Summary (Detailed)
echo.
echo. -EXPERIMENTAL – Still Tested –
echo. -System Cleaner and Performance Enhancer-
echo.
echo 38. Windows Temporary Folder Deletion
echo 39. Delete Google Chrome Temporary Files
echo 40. Delete Firefox Temporary Files
echo 41. Delete Flash Temporary Files
echo.
echo. -Vulnerability Testing – Recon Footprinting-
echo.
echo 42. NSlookup MX (Mail)Records
echo 43. NSlookup A Records
echo 44. NSlookup NS (Name Server) Records
echo 45. NSlookup PTR (Reverse Lookup) Records
echo 46. NSlookup SOA (Start of Authority) Records
echo 47. NSlookup LOC (Geofencing, if available) Records
echo 0. Quit
echo.

set /p choice=”Enter your choice: ”
if “%choice%”==”1” goto shutdown
if “%choice%”==”2” goto shutdown-clock
if “%choice%”==”3” shutdown.exe -s -f
if “%choice%”==”4” shutdown.exe -r -f
if “%choice%”==”5” shutdown.exe -l -f
if “%choice%”==”6” defrag.exe c: -f
if “%choice%”==”7” defrag.exe e: -f
if “%choice%”==”8” defrag.exe f: -f
if “%choice%”==”9” ipconfig /all
if “%choice%”==”10” ipconfig /release
if “%choice%”==”11” ipconfig /renew
if “%choice%”==”12” ipconfig /flushdns
if “%choice%”==”13” netstat -a
if “%choice%”==”14” netstat -an
if “%choice%”==”15” netstat -r
if “%choice%”==”16” arp -a
if “%choice%”==”17” sfc /scannow
if “%choice%”==”18” sfc /scanonce
if “%choice%”==”19” chkdsk C: /f
if “%choice%”==”20” chkdsk D: /f
if “%choice%”==”21” chkdsk E: /f
if “%choice%”==”22” chkdsk F: /f
if “%choice%”==”23” chkdsk C: /r
if “%choice%”==”24” chkdsk D: /r
if “%choice%”==”25” chkdsk E: /r
if “%choice%”==”26” chkdsk F: /r
if “%choice%”==”27” netdom query fsmo
if “%choice%”==”28” repadmin /replsum
if “%choice%”==”29” repadmin /showrepl
if “%choice%”==”30” repadmin /kcc
if “%choice%”==”31” repadmin /syncall
if “%choice%”==”32” repadmin /syncall /force
if “%choice%”==”33” gpupdate
if “%choice%”==”34” gpupdate /force
if “%choice%”==”35” gpresult /Scope User /v
if “%choice%”==”36” gpresult /Scope Computer /v
if “%choice%”==”37” gpresult /z
if “%choice%”==”38” del /q/f/s %TEMP%\*
if “%choice%”==”39” goto Chrome-clear
if “%choice%”==”40” goto Firefox-clear
if “%choice%”==”41” goto Flash-clear
if “%choice%”==”42” goto NSlookup-MX
if “%choice%”==”43” goto NSlookup-A
if “%choice%”==”44” goto NSlookup-NS
if “%choice%”==”45” goto NSlookup-PTR
if “%choice%”==”46” goto NSlookup-SOA
if “%choice%”==”47” goto NSlookup-LOC
if “%choice%”==”0″ exit
echo Invalid choice: %choice%
echo.
pause
cls
goto start

:shutdown
cls
set /p min=”Minutes until shutdown: ”
set /a sec=60*%min%
shutdown.exe -s -f -t %sec%
echo Shutdown initiated at %time%
echo.
goto cancel

:NSlookup-MX
cls
set /p MX=”Mail Server Lookup of FQDN Address: ”
echo %MX%
nslookup -querytype=MX %MX%
echo.
pause
goto start

:NSlookup-A
cls
set /p A=”A Record Server Lookup of FQDN Address: ”
echo %A%
nslookup -querytype=A %A%
echo.
pause
goto start

:NSlookup-NS
cls
set /p NS=”Name Server Record Lookup of FQDN Address: ”
echo %NS%
nslookup -querytype=NS %NS%
echo.
pause
goto start

:NSlookup-PTR
cls
set /p PTR=”Reverse Pointer Lookup Server Record of FQDN Address: ”
echo %PTR%
nslookup -querytype=PTR %PTR%
echo.
pause
goto start

:NSlookup-SOA
cls
set /p SOA=”Start of Authority Address: ”
echo %SOA%
nslookup -querytype=SOA %SOA%
echo.
pause
goto start

:NSlookup-LOC
cls
set /p LOC=”GeoFencing Location of FQDN Server Address (if available): ”
echo %LOC%
nslookup -querytype=LOC %LOC%
echo.
pause
goto start

:shutdown-clock
echo.
echo the time format is HH:MM:SS (24 hour time)
echo example: 14:30:00 for 2:30 PM
echo.
set /p tmg=enter the time that you wish the computer to shutdown on:
schtasks.exe /create /sc ONCE /tn shutdown /st %tmg% /tr “shutdown.exe -s -t 00”
echo shutdown initiated at %tmg%
goto start
echo.

:Chrome-clear
cls
del /q /s /f C:\Users\%USERNAME%\AppData\Local\Google\Chrome\User Data\
pause
goto start
echo.

:Firefox-clear
cls
set FDir=C:\Users\%USERNAME%\AppData\Local\Mozilla\Firefox\Profiles
del /q /s /f “%FDir%”
rd /s /q “%FDir%”
del /q /s /f C:\Users\%USERNAME%\AppData\Roaming\Mozilla\Firefox\Profiles\*
pause
goto start
echo.

:Flash-clear
cls
set FCook=C:\Users\%USERNAME%\AppData\Roaming\Macromedia\Flashp~1
del /q /s /f “%FCook%”
pause
goto start

:cancel
set /p cancel=”Type cancel to stop shutdown: ”
if not “%cancel%”==”cancel” exit
goto start
cls
schtasks.exe /end /tn shutdown
cls
schtasks.exe /delete /tn shutdown
cls
echo Shutdown is cancelled.
echo.
pause.
exit

Updated Code (Revision 3): 8-12-21

# Added a few more functions to the script and a working on a few more, will update the script as time goes on. 😀

@echo off
color 0A
title Ultimate Command Prompt All-in-One.

:start
echo Welcome, %USERNAME%
echo What would you like to do?
echo.
echo. -Shutdown Options-
echo.
echo 1. Shutdown in specified time
echo 2. Shutdown at a specified time
echo 3. Shutdown now
echo 4. Restart now
echo 5. Log off now
echo.
echo. -Defrag Options-
echo.
echo 6. Defrag (C:)
echo 7. Defrag (E:)
echo 8. Defrag (F:)
echo.
echo. -Detailed IP Information-
echo.
echo 9. IP Config (Full)
echo 10 IP Config -Release-
echo 11. IP Config -Renew-
echo 12. DNS Flush
echo.
echo. -Advanced Port and Routing-
echo.
echo 13. Netstat (Active Ports)
echo 14. Netstat (Connections + Active Ports)
echo 15. Netstat (Routing Table)
echo 16. ARP (Mac to IP correlation)
echo.
echo. -System File Checking-
echo.
echo 17. SFC Scan (Active Scan)
echo 18. SFC Scan (Boot Scan)
echo 19. Check Disk for Errors on C: (Without scanning for bad sectors)
echo 20. Check Disk for Errors on D: (Without scanning for bad sectors)
echo 21. Check Disk for Errors on E: (Without scanning for bad sectors)
echo 22. Check Disk for Errors on F: (Without scanning for bad sectors)
echo 23. Check Disk for Errors C: (With bad sector scanning)
echo 24. Check Disk for Errors D: (With bad sector scanning)
echo 25. Check Disk for Errors E: (With bad sector scanning)
echo 26. Check Disk for Errors F: (With bad sector scanning)
echo.
echo. -Active Directory Replication-
echo.
echo 27. Check FSMO Operation Master Status
echo 28. AD Replication Status of Domain Controllers in Domain
echo 29. AD Replication Summary (Detailed)
echo 30. AD Replication Knowledge Consistency Checker (Kerberos)
echo 31. AD Replication Syncing of Domain Controller Replication
echo 32. AD Replication Syncing of Domain Controller Replication (Forced)
echo.
echo. -Active Directory Group Policy-
echo.
echo 33. Group Policy Refresh
echo 34. Group Policy Refresh (Forced)
echo 35. Group Policy User Policy Results
echo 36. Group Policy Computer Policy Results
echo 37. Group Policy Summary (Detailed)
echo.
echo. -EXPERIMENTAL – Still Tested –
echo. -System Cleaner and Performance Enhancer-
echo.
echo 38. Windows Temporary Folder Deletion
echo 39. Delete Google Chrome Temporary Files
echo 40. Delete Firefox Temporary Files
echo 41. Delete Flash Temporary Files
echo.
echo. -Vulnerability Testing – Recon Footprinting-
echo.
echo 42. NSlookup MX (Mail)Records
echo 43. NSlookup A Records
echo 44. NSlookup NS (Name Server) Records
echo 45. NSlookup PTR (Reverse Lookup) Records
echo 46. NSlookup SOA (Start of Authority) Records
echo 47. NSlookup LOC (Geofencing, if available) Records
echo.
echo. -Password Expiration Policy Checking-
echo.
echo 48. Password Expiration Check
echo.
echo. -Domain Trust “Tombstone” Verification-
echo.
echo 49. Domain Trust Verification
echo.
echo 0. Quit
echo.

set /p choice=”Enter your choice: ”
if “%choice%”==”1” goto shutdown
if “%choice%”==”2” goto shutdown-clock
if “%choice%”==”3” shutdown.exe -s -f
if “%choice%”==”4” shutdown.exe -r -f
if “%choice%”==”5” shutdown.exe -l -f
if “%choice%”==”6” defrag.exe c: -f
if “%choice%”==”7” defrag.exe e: -f
if “%choice%”==”8” defrag.exe f: -f
if “%choice%”==”9” ipconfig /all
if “%choice%”==”10” ipconfig /release
if “%choice%”==”11” ipconfig /renew
if “%choice%”==”12” ipconfig /flushdns
if “%choice%”==”13” netstat -a
if “%choice%”==”14” netstat -an
if “%choice%”==”15” netstat -r
if “%choice%”==”16” arp -a
if “%choice%”==”17” sfc /scannow
if “%choice%”==”18” sfc /scanonce
if “%choice%”==”19” chkdsk C: /f
if “%choice%”==”20” chkdsk D: /f
if “%choice%”==”21” chkdsk E: /f
if “%choice%”==”22” chkdsk F: /f
if “%choice%”==”23” chkdsk C: /r
if “%choice%”==”24” chkdsk D: /r
if “%choice%”==”25” chkdsk E: /r
if “%choice%”==”26” chkdsk F: /r
if “%choice%”==”27” netdom query fsmo
if “%choice%”==”28” repadmin /replsum
if “%choice%”==”29” repadmin /showrepl
if “%choice%”==”30” repadmin /kcc
if “%choice%”==”31” repadmin /syncall
if “%choice%”==”32” repadmin /syncall /force
if “%choice%”==”33” gpupdate
if “%choice%”==”34” gpupdate /force
if “%choice%”==”35” gpresult /Scope User /v
if “%choice%”==”36” gpresult /Scope Computer /v
if “%choice%”==”37” gpresult /z
if “%choice%”==”38” del /q/f/s %TEMP%\*
if “%choice%”==”39” goto Chrome-clear
if “%choice%”==”40” goto Firefox-clear
if “%choice%”==”41” goto Flash-clear
if “%choice%”==”42” goto NSlookup-MX
if “%choice%”==”43” goto NSlookup-A
if “%choice%”==”44” goto NSlookup-NS
if “%choice%”==”45” goto NSlookup-PTR
if “%choice%”==”46” goto NSlookup-SOA
if “%choice%”==”47” goto NSlookup-LOC
if “%choice%”==”48” goto Passwordexpiration
if “%choice%”==”49” goto DomainTrustVerification
if “%choice%”==”0″ exit
echo Invalid choice: %choice%
echo.
pause
cls
goto start

:shutdown
cls
set /p min=”Minutes until shutdown: ”
set /a sec=60*%min%
shutdown.exe -s -f -t %sec%
echo Shutdown initiated at %time%
echo.
goto cancel

:NSlookup-MX
cls
set /p MX=”Mail Server Lookup of FQDN Address: ”
echo %MX%
nslookup -querytype=MX %MX%
echo.
pause
goto start

:NSlookup-A
cls
set /p A=”A Record Server Lookup of FQDN Address: ”
echo %A%
nslookup -querytype=A %A%
echo.
pause
goto start

:NSlookup-NS
cls
set /p NS=”Name Server Record Lookup of FQDN Address: ”
echo %NS%
nslookup -querytype=NS %NS%
echo.
pause
goto start

:NSlookup-PTR
cls
set /p PTR=”Reverse Pointer Lookup Server Record of FQDN Address: ”
echo %PTR%
nslookup -querytype=PTR %PTR%
echo.
pause
goto start

:NSlookup-SOA
cls
set /p SOA=”Start of Authority Address: ”
echo %SOA%
nslookup -querytype=SOA %SOA%
echo.
pause
goto start

:NSlookup-LOC
cls
set /p LOC=”GeoFencing Location of FQDN Server Address (if available): ”
echo %LOC%
nslookup -querytype=LOC %LOC%
echo.
pause
goto start

:shutdown-clock
echo.
echo the time format is HH:MM:SS (24 hour time)
echo example: 14:30:00 for 2:30 PM
echo.
set /p tmg=enter the time that you wish the computer to shutdown on:
schtasks.exe /create /sc ONCE /tn shutdown /st %tmg% /tr “shutdown.exe -s -t 00″
echo shutdown initiated at %tmg%
goto start
echo.

:Chrome-clear
cls
del /q /s /f C:\Users\%USERNAME%\AppData\Local\Google\Chrome\User Data\
pause
goto start
echo.

:Firefox-clear
cls
set FDir=C:\Users\%USERNAME%\AppData\Local\Mozilla\Firefox\Profiles
del /q /s /f “%FDir%”
rd /s /q “%FDir%”
del /q /s /f C:\Users\%USERNAME%\AppData\Roaming\Mozilla\Firefox\Profiles\*
pause
goto start
echo.

:Flash-clear
cls
set FCook=C:\Users\%USERNAME%\AppData\Roaming\Macromedia\Flashp~1
del /q /s /f “%FCook%”
pause
goto start

:Passwordexpiration
cls
set /p EXP=”Enter Username (note: no @domain.suffix) of User you want to Check Password Expiration: ”
echo %EXP%
net user %EXP% /domain
echo.
pause
goto start

:DomainTrustVerification
cls
set /p TRUST=”Enter ‘Domain.suffix’ of your local domain to determine if you have a valid domain trust: ”
echo %TRUST%
nltest /sc_query:%TRUST%
echo.
pause
goto start

:ServerTrustVerification
cls
set /p SERVER=”Enter hostname of Server: ”
echo %SERVER%
set /p DOMAIN=”Enter domain name with suffix (Ex. contoso.local): ”
echo %DOMAIN%
nltest /server:%SERVER% /sc_query:%DOMAIN%
echo.
pause
goto start

:cancel
set /p cancel=”Type cancel to stop shutdown: ”
if not “%cancel%”==”cancel” exit
goto start
cls
schtasks.exe /end /tn shutdown
cls
schtasks.exe /delete /tn shutdown
cls
echo Shutdown is cancelled.
echo.
pause.
exit

Updated Code (Revision 4): 8-17-21

# added repadmin /showreps

# added menu formatting

# added a CVE classification for vulnerability workarounds

# updated script to include the Serious Sam Vulnerability Workaround, going to add vulnerability remediation’s to the script moving forward | CVE: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36934

# updated Serious Sam workaround to create the restore point AFTER doing the workaround, silly me had it before, and that made no sense. I needed a coffee break to see the wisdom of that silly error. 😛

# updated Serious Sam workaround to include notes about the workaround

# updated “-vulnerability fixes-” to include a shadow copy delete only function for those who applies the Serious Sam security patch but didn’t delete the shadow copies after applying the patch

# added Print Spooler vulnerability workaround | Note: should be applied on Domain Controllers | CVE: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36958

@echo off
color 0A
title Ultimate Command Prompt All-in-One.

:start
echo ******Ensure you run this “as Administrator”******
echo Welcome, %USERNAME%
echo What would you like to do?
echo.
echo. —Shutdown Options—
echo.
echo 1. Shutdown in specified time
echo 2. Shutdown at a specified time
echo 3. Shutdown now
echo 4. Restart now
echo 5. Log off now
echo.
echo. —Defrag Options—
echo.
echo 6. Defrag (C:)
echo 7. Defrag (E:)
echo 8. Defrag (F:)
echo.
echo. —Detailed IP Information—
echo.
echo 9. IP Config (Full)
echo 10 IP Config -Release-
echo 11. IP Config -Renew-
echo 12. DNS Flush
echo.
echo. —Advanced Port and Routing—
echo.
echo 13. Netstat (Active Ports)
echo 14. Netstat (Connections + Active Ports)
echo 15. Netstat (Routing Table)
echo 16. ARP (Mac to IP correlation)
echo.
echo. —System File Checking—
echo.
echo 17. SFC Scan (Active Scan)
echo 18. SFC Scan (Boot Scan)
echo 19. Check Disk for Errors on C: (Without scanning for bad sectors)
echo 20. Check Disk for Errors on D: (Without scanning for bad sectors)
echo 21. Check Disk for Errors on E: (Without scanning for bad sectors)
echo 22. Check Disk for Errors on F: (Without scanning for bad sectors)
echo 23. Check Disk for Errors C: (With bad sector scanning)
echo 24. Check Disk for Errors D: (With bad sector scanning)
echo 25. Check Disk for Errors E: (With bad sector scanning)
echo 26. Check Disk for Errors F: (With bad sector scanning)
echo.
echo. —Active Directory Replication—
echo.
echo. *Must be run while on a Domain Controller*
echo.
echo 27. Check FSMO Operation Master Status
echo 28. AD Replication Status of Domain Controllers in Domain
echo 29. AD Replication Summary (Detailed)
echo 30. AD Replication Status
echo 31. AD Replication Knowledge Consistency Checker (Kerberos)
echo 32. AD Replication Syncing of Domain Controller Replication
echo 33. AD Replication Syncing of Domain Controller Replication (Forced)
echo.
echo. —Active Directory Group Policy—
echo.
echo 34. Group Policy Refresh
echo 35. Group Policy Refresh (Forced)
echo 36. Group Policy User Policy Results
echo 37. Group Policy Computer Policy Results
echo 38. Group Policy Summary (Detailed)
echo.
echo. —EXPERIMENTAL – Still Tested—
echo. -System Cleaner and Performance Enhancer-
echo.
echo 39. Windows Temporary Folder Deletion
echo 40. Delete Google Chrome Temporary Files
echo 41. Delete Firefox Temporary Files
echo 42. Delete Flash Temporary Files
echo.
echo. —Vulnerability Testing—
echo.
echo. -–Recon Footprinting–
echo.
echo 43. NSlookup MX (Mail)Records
echo 44. NSlookup A Records
echo 45. NSlookup NS (Name Server) Records
echo 46. NSlookup PTR (Reverse Lookup) Records
echo 47. NSlookup SOA (Start of Authority) Records
echo 48. NSlookup LOC (Geofencing, if available) Records
echo.
echo. —Password Expiration Policy Checking—
echo.
echo 49. Password Expiration Check
echo.
echo. —Domain Trust “Tombstone” Verification—
echo.
echo 50. Domain Trust Verification
echo.
echo. —Vulnerability Fixes—
echo.
echo. –Serious SAM–
echo. -CVE-2021-36934-
echo.
echo 51. Remove Shadow Copies and Restore Points
echo 52. Serious SAM Vulnerability Workaround
echo.
echo. –Print Spooler–
echo. -CVE-2021-36958-
echo.
echo 53. Stop Print Spooler
echo 54. Disable Print Spooler
echo.
echo 0. Quit
echo.

set /p choice=”Enter your choice: ”
if “%choice%”==”1” goto shutdown
if “%choice%”==”2” goto shutdown-clock
if “%choice%”==”3” shutdown.exe -s -f
if “%choice%”==”4” shutdown.exe -r -f
if “%choice%”==”5” shutdown.exe -l -f
if “%choice%”==”6” defrag.exe c: -f
if “%choice%”==”7” defrag.exe e: -f
if “%choice%”==”8” defrag.exe f: -f
if “%choice%”==”9” ipconfig /all
if “%choice%”==”10” ipconfig /release
if “%choice%”==”11” ipconfig /renew
if “%choice%”==”12” ipconfig /flushdns
if “%choice%”==”13” netstat -a
if “%choice%”==”14” netstat -an
if “%choice%”==”15” netstat -r
if “%choice%”==”16” arp -a
if “%choice%”==”17” sfc /scannow
if “%choice%”==”18” sfc /scanonce
if “%choice%”==”19” chkdsk C: /f
if “%choice%”==”20” chkdsk D: /f
if “%choice%”==”21” chkdsk E: /f
if “%choice%”==”22” chkdsk F: /f
if “%choice%”==”23” chkdsk C: /r
if “%choice%”==”24” chkdsk D: /r
if “%choice%”==”25” chkdsk E: /r
if “%choice%”==”26” chkdsk F: /r
if “%choice%”==”27” netdom query fsmo
if “%choice%”==”28” repadmin /replsum
if “%choice%”==”29” repadmin /showrepl
if “%choice%”==”30” repadmin /showreps
if “%choice%”==”31” repadmin /kcc
if “%choice%”==”32” repadmin /syncall
if “%choice%”==”33” repadmin /syncall /force
if “%choice%”==”34” gpupdate
if “%choice%”==”35” gpupdate /force
if “%choice%”==”36” gpresult /Scope User /v
if “%choice%”==”37” gpresult /Scope Computer /v
if “%choice%”==”38” gpresult /z
if “%choice%”==”39” del /q/f/s %TEMP%\*
if “%choice%”==”40” goto Chrome-clear
if “%choice%”==”41” goto Firefox-clear
if “%choice%”==”42” goto Flash-clear
if “%choice%”==”43” goto NSlookup-MX
if “%choice%”==”44” goto NSlookup-A
if “%choice%”==”45” goto NSlookup-NS
if “%choice%”==”46” goto NSlookup-PTR
if “%choice%”==”47” goto NSlookup-SOA
if “%choice%”==”48” goto NSlookup-LOC
if “%choice%”==”49” goto Passwordexpiration
if “%choice%”==”50” goto DomainTrustVerification
if “%choice%”==”51” goto SeriousSam-DeleteShadownCopiesOnly
if “%choice%”==”52” goto SeriousSam
if “%choice%”==”53” goto StopPrintSpooler
if “%choice%”==”54” goto DisablePrintSpooler
if “%choice%”==”0″ exit
echo Invalid choice: %choice%
echo.
pause
cls
goto start

:shutdown
cls
set /p min=”Minutes until shutdown: ”
set /a sec=60*%min%
shutdown.exe -s -f -t %sec%
echo Shutdown initiated at %time%
echo.
goto cancel

:NSlookup-MX
cls
set /p MX=”Mail Server Lookup of FQDN Address: ”
echo %MX%
nslookup -querytype=MX %MX%
echo.
pause
goto start

:NSlookup-A
cls
set /p A=”A Record Server Lookup of FQDN Address: ”
echo %A%
nslookup -querytype=A %A%
echo.
pause
goto start

:NSlookup-NS
cls
set /p NS=”Name Server Record Lookup of FQDN Address: ”
echo %NS%
nslookup -querytype=NS %NS%
echo.
pause
goto start

:NSlookup-PTR
cls
set /p PTR=”Reverse Pointer Lookup Server Record of FQDN Address: ”
echo %PTR%
nslookup -querytype=PTR %PTR%
echo.
pause
goto start

:NSlookup-SOA
cls
set /p SOA=”Start of Authority Address: ”
echo %SOA%
nslookup -querytype=SOA %SOA%
echo.
pause
goto start

:NSlookup-LOC
cls
set /p LOC=”GeoFencing Location of FQDN Server Address (if available): ”
echo %LOC%
nslookup -querytype=LOC %LOC%
echo.
pause
goto start

:shutdown-clock
echo.
echo the time format is HH:MM:SS (24 hour time)
echo example: 14:30:00 for 2:30 PM
echo.
set /p tmg=enter the time that you wish the computer to shutdown on:
schtasks.exe /create /sc ONCE /tn shutdown /st %tmg% /tr “shutdown.exe -s -t 00″
echo shutdown initiated at %tmg%
goto start
echo.

:Chrome-clear
cls
del /q /s /f C:\Users\%USERNAME%\AppData\Local\Google\Chrome\User Data\
pause
goto start
echo.

:Firefox-clear
cls
set FDir=C:\Users\%USERNAME%\AppData\Local\Mozilla\Firefox\Profiles
del /q /s /f “%FDir%”
rd /s /q “%FDir%”
del /q /s /f C:\Users\%USERNAME%\AppData\Roaming\Mozilla\Firefox\Profiles\*
pause
goto start
echo.

:Flash-clear
cls
set FCook=C:\Users\%USERNAME%\AppData\Roaming\Macromedia\Flashp~1
del /q /s /f “%FCook%”
pause
goto start

:Passwordexpiration
cls
set /p EXP=”Enter Username (note: no @domain.suffix) of User you want to Check Password Expiration: ”
echo %EXP%
net user %EXP% /domain
echo.
pause
goto start

:DomainTrustVerification
cls
set /p TRUST=”Enter ‘Domain.suffix’ of your local domain to determine if you have a valid domain trust: ”
echo %TRUST%
nltest /sc_query:%TRUST%
echo.
pause
goto start

:ServerTrustVerification
cls
set /p SERVER=”Enter hostname of Server: ”
echo %SERVER%
set /p DOMAIN=”Enter domain name with suffix (Ex. contoso.local): ”
echo %DOMAIN%
nltest /server:%SERVER% /sc_query:%DOMAIN%
echo.
pause
goto start

:SeriousSam
cls
echo.
echo All Shadow copies and System Restores MUST be deleted prior to workaround . . .
echo.
echo Note: even if you apply the Security Update, the aforementioned still applies . . .
echo.
echo Press Enter to Deleting Shadow Copies . . .
echo Press Enter to Deleting System Restore Points . . .
pause
echo.
vssadmin delete shadows /all
echo.
echo Shadow Copies Deleted Successfully at %time% . . .
echo System Restore Points Deleted Successfully at %time% . . .
echo.
echo Press Enter to Apply SeriousSAM Vulnerability Workaround . . .
echo.
pause
echo.
icacls %windir%\system32\config\*.* /inheritance:e
echo.
echo SeriousSAM Vulnerability Workaround Applied at %time% . . .
echo.
echo Press Enter to Create a Restore Point . . .
echo.
pause
Wmic.exe /Namespace:\\root\default Path SystemRestore Call CreateRestorePoint “%DATE%”, 100, 1
echo Restore point created successfully at %time% . . .
echo.
echo Press Enter to Return to the Main Menu . . .
echo.
pause
echo.
goto start

:SeriousSam-DeleteShadownCopiesOnly
cls
echo.
echo This will delete all Shadow Copies and Restore Points . . .
echo.
echo Note: even if you apply the Security Update for Serious SAM, the aforementioned still applies . . .
echo.
echo Press Enter to Deleting Shadow Copies . . .
echo Press Enter to Deleting System Restore Points . . .
pause
echo.
vssadmin delete shadows /all
echo.
echo Shadow Copies Deleted Successfully at %time% . . .
echo System Restore Points Deleted Successfully at %time% . . .
echo.
echo Press Enter to Return to the Main Menu . . .
echo.
pause
goto start

:StopPrintSpooler
cls
echo.
echo This will stop the print spooler . . .
echo.
echo Press Enter to Stop the Print Spooler . . .
pause
echo.
powershell.exe Stop-Service -Name Spooler -Force
echo.
echo Print Spooler is stopped at %time% . . .
echo.
echo Press Enter to Return to the Main Menu . . .
echo.
pause
goto start

:DisablePrintSpooler
cls
echo.
echo This will disable the print spooler service . . .
echo.
echo Press Enter to Disable the Print Spooler Service . . .
pause
echo.
powershell.exe Set-Service -Name Spooler -StartupType Disabled
echo.
echo Print Spooler Service is disabled at %time% . . .
echo.
echo Press Enter to Return to the Main Menu . . .
echo.
pause
goto start

:cancel
set /p cancel=”Type cancel to stop shutdown: ”
if not “%cancel%”==”cancel” exit
goto start
cls
schtasks.exe /end /tn shutdown
cls
schtasks.exe /delete /tn shutdown
cls
echo Shutdown is cancelled.
echo.
pause.
exit

=================================================================

Updated Code (Revision 5): 8-18-21

# added Print Spooler cleanup

# added Windows Product Key Entry

# added Windows Product key Activation

# added Windows Licensing Information retrieval

# added Enabling TLS 1.2 on Servers or Desktops

# added the ability to Reboot Servers or Desktops that match a Naming convention to be performed; useful for computer that all have the same naming format or word in the hostname

# updated notes on Print Spooler Service around it being run on a Domain Controller specifically

Future Updates:

  1. FRS to DFS-R
  2. RRL protection
  3. DNS Socket protection
  4. Changing RDP Port
  5. Power Options “High Performance”

@echo off
color 0A
title Ultimate Command Prompt All-in-One.

:start
echo ******Ensure you run this “as Administrator”******
echo Welcome, %USERNAME%
echo What would you like to do?
echo.
echo. —Shutdown Options—
echo.
echo 1. Shutdown in specified time
echo 2. Shutdown at a specified time
echo 3. Shutdown now
echo 4. Restart now
echo 5. Log off now
echo.
echo. —Defrag Options—
echo.
echo 6. Defrag (C:)
echo 7. Defrag (E:)
echo 8. Defrag (F:)
echo.
echo. —Detailed IP Information—
echo.
echo 9. IP Config (Full)
echo 10 IP Config -Release-
echo 11. IP Config -Renew-
echo 12. DNS Flush
echo.
echo. —Advanced Port and Routing—
echo.
echo 13. Netstat (Active Ports)
echo 14. Netstat (Connections + Active Ports)
echo 15. Netstat (Routing Table)
echo 16. ARP (Mac to IP correlation)
echo.
echo. —System File Checking—
echo.
echo 17. SFC Scan (Active Scan)
echo 18. SFC Scan (Boot Scan)
echo 19. Check Disk for Errors on C: (Without scanning for bad sectors)
echo 20. Check Disk for Errors on D: (Without scanning for bad sectors)
echo 21. Check Disk for Errors on E: (Without scanning for bad sectors)
echo 22. Check Disk for Errors on F: (Without scanning for bad sectors)
echo 23. Check Disk for Errors C: (With bad sector scanning)
echo 24. Check Disk for Errors D: (With bad sector scanning)
echo 25. Check Disk for Errors E: (With bad sector scanning)
echo 26. Check Disk for Errors F: (With bad sector scanning)
echo.
echo. —Active Directory Replication—
echo.
echo. *Must be run while on a Domain Controller*
echo.
echo 27. Check FSMO Operation Master Status
echo 28. AD Replication Status of Domain Controllers in Domain
echo 29. AD Replication Summary (Detailed)
echo 30. AD Replication Status
echo 31. AD Replication Knowledge Consistency Checker (Kerberos)
echo 32. AD Replication Syncing of Domain Controller Replication
echo 33. AD Replication Syncing of Domain Controller Replication (Forced)
echo.
echo. —Active Directory Group Policy—
echo.
echo 34. Group Policy Refresh
echo 35. Group Policy Refresh (Forced)
echo 36. Group Policy User Policy Results
echo 37. Group Policy Computer Policy Results
echo 38. Group Policy Summary (Detailed)
echo.
echo. —System Cleaner and Performance Enhancer—
echo.
echo. –System Cleanup–
echo.
echo 39. Windows Temporary Folder Deletion
echo.
echo. –Browser Cleanup–
echo.
echo 40. Delete Google Chrome Temporary Files
echo 41. Delete Firefox Temporary Files
echo 42. Delete Flash Temporary Files
echo.
echo. –Print Spooler and Hung Printing Cleanup–
echo.
echo 43. Fix a crashed Print Spooler
echo.
echo. —Vulnerability Testing—
echo.
echo. -–Recon Footprinting–
echo.
echo 44. NSlookup MX (Mail)Records
echo 45. NSlookup A Records
echo 46. NSlookup NS (Name Server) Records
echo 47. NSlookup PTR (Reverse Lookup) Records
echo 48. NSlookup SOA (Start of Authority) Records
echo 49. NSlookup LOC (Geofencing, if available) Records
echo.
echo. —Password Expiration Policy Checking—
echo.
echo 50. Password Expiration Check
echo.
echo. —Domain Trust “Tombstone” Verification—
echo.
echo 51. Domain Trust Verification
echo.
echo. —Vulnerability Fixes—
echo.
echo. –Serious SAM–
echo. -CVE-2021-36934-
echo.
echo 52. Remove Shadow Copies and Restore Points
echo 53. Serious SAM Vulnerability Workaround
echo.
echo. –Print Spooler–
echo. -CVE-2021-36958-
echo. *Should be run on a Domain Controller*
echo.
echo 54. Stop Print Spooler
echo 55. Disable Print Spooler
echo.
echo. —Server or Desktop Activation—
echo.
echo 56. Activate Server or Desktop
echo 57. Display Licensing Information
echo.
echo. —Enable TLS 1.2—
echo. *Note: June 20th 2021 TLS 1.0, 1.1, and 3DES are EOL*
echo.
echo 58. Enable TLS 1.2 on Your Server or Desktop
echo.
echo. —Restart all computers based on Naming Convention—
echo.
echo 59. Restart Computers based Specific Name
echo.
echo 0. Quit
echo.

set /p choice=”Enter your choice: ”
if “%choice%”==”1” goto shutdown
if “%choice%”==”2” goto shutdown-clock
if “%choice%”==”3” shutdown.exe -s -f
if “%choice%”==”4” shutdown.exe -r -f
if “%choice%”==”5” shutdown.exe -l -f
if “%choice%”==”6” defrag.exe c: -f
if “%choice%”==”7” defrag.exe e: -f
if “%choice%”==”8” defrag.exe f: -f
if “%choice%”==”9” ipconfig /all
if “%choice%”==”10” ipconfig /release
if “%choice%”==”11” ipconfig /renew
if “%choice%”==”12” ipconfig /flushdns
if “%choice%”==”13” netstat -a
if “%choice%”==”14” netstat -an
if “%choice%”==”15” netstat -r
if “%choice%”==”16” arp -a
if “%choice%”==”17” sfc /scannow
if “%choice%”==”18” sfc /scanonce
if “%choice%”==”19” chkdsk C: /f
if “%choice%”==”20” chkdsk D: /f
if “%choice%”==”21” chkdsk E: /f
if “%choice%”==”22” chkdsk F: /f
if “%choice%”==”23” chkdsk C: /r
if “%choice%”==”24” chkdsk D: /r
if “%choice%”==”25” chkdsk E: /r
if “%choice%”==”26” chkdsk F: /r
if “%choice%”==”27” netdom query fsmo
if “%choice%”==”28” repadmin /replsum
if “%choice%”==”29” repadmin /showrepl
if “%choice%”==”30” repadmin /showreps
if “%choice%”==”31” repadmin /kcc
if “%choice%”==”32” repadmin /syncall
if “%choice%”==”33” repadmin /syncall /force
if “%choice%”==”34” gpupdate
if “%choice%”==”35” gpupdate /force
if “%choice%”==”36” gpresult /Scope User /v
if “%choice%”==”37” gpresult /Scope Computer /v
if “%choice%”==”38” gpresult /z
if “%choice%”==”39” del /q/f/s %TEMP%\*
if “%choice%”==”40” goto Chrome-clear
if “%choice%”==”41” goto Firefox-clear
if “%choice%”==”42” goto Flash-clear
if “%choice%”==”43” goto FixPrintSpooler
if “%choice%”==”44” goto NSlookup-MX
if “%choice%”==”45” goto NSlookup-A
if “%choice%”==”46” goto NSlookup-NS
if “%choice%”==”47” goto NSlookup-PTR
if “%choice%”==”48” goto NSlookup-SOA
if “%choice%”==”49” goto NSlookup-LOC
if “%choice%”==”50” goto Passwordexpiration
if “%choice%”==”51” goto DomainTrustVerification
if “%choice%”==”52” goto SeriousSam-DeleteShadownCopiesOnly
if “%choice%”==”53” goto SeriousSam
if “%choice%”==”54” goto StopPrintSpooler
if “%choice%”==”55” goto DisablePrintSpooler
if “%choice%”==”56” goto WindowsActivation
if “%choice%”==”57” goto DisplayLicensingInfo
if “%choice%”==”58” goto EnableTLS1dot2
if “%choice%”==”59” goto RebootbasedonName
if “%choice%”==”0″ exit
echo Invalid choice: %choice%
echo.
pause
cls
goto start

:shutdown
cls
set /p min=”Minutes until shutdown: ”
set /a sec=60*%min%
shutdown.exe -s -f -t %sec%
echo Shutdown initiated at %time%
echo.
goto cancel

:NSlookup-MX
cls
set /p MX=”Mail Server Lookup of FQDN Address: ”
echo %MX%
nslookup -querytype=MX %MX%
echo.
pause
goto start

:NSlookup-A
cls
set /p A=”A Record Server Lookup of FQDN Address: ”
echo %A%
nslookup -querytype=A %A%
echo.
pause
goto start

:NSlookup-NS
cls
set /p NS=”Name Server Record Lookup of FQDN Address: ”
echo %NS%
nslookup -querytype=NS %NS%
echo.
pause
goto start

:NSlookup-PTR
cls
set /p PTR=”Reverse Pointer Lookup Server Record of FQDN Address: ”
echo %PTR%
nslookup -querytype=PTR %PTR%
echo.
pause
goto start

:NSlookup-SOA
cls
set /p SOA=”Start of Authority Address: ”
echo %SOA%
nslookup -querytype=SOA %SOA%
echo.
pause
goto start

:NSlookup-LOC
cls
set /p LOC=”GeoFencing Location of FQDN Server Address (if available): ”
echo %LOC%
nslookup -querytype=LOC %LOC%
echo.
pause
goto start

:shutdown-clock
echo.
echo the time format is HH:MM:SS (24 hour time)
echo example: 14:30:00 for 2:30 PM
echo.
set /p tmg=enter the time that you wish the computer to shutdown on:
schtasks.exe /create /sc ONCE /tn shutdown /st %tmg% /tr “shutdown.exe -s -t 00″
echo shutdown initiated at %tmg%
goto start
echo.

:Chrome-clear
cls
del /q /s /f C:\Users\%USERNAME%\AppData\Local\Google\Chrome\User Data\
pause
goto start
echo.

:Firefox-clear
cls
set FDir=C:\Users\%USERNAME%\AppData\Local\Mozilla\Firefox\Profiles
del /q /s /f “%FDir%”
rd /s /q “%FDir%”
del /q /s /f C:\Users\%USERNAME%\AppData\Roaming\Mozilla\Firefox\Profiles\*
pause
goto start
echo.

:Flash-clear
cls
set FCook=C:\Users\%USERNAME%\AppData\Roaming\Macromedia\Flashp~1
del /q /s /f “%FCook%”
pause
goto start

:FixPrintSpooler
cls
echo.
echo Press Enter to Stop Print Spooler Service . . .
pause
echo.
net stop spooler
echo.
echo Please Wait 10 seconds for Print Spooler to stop . . .
echo Press Enter to delete all hung Print Jobs after waiting 10 seconds . . .
echo.
pause
del /q /s /f %windir%\System32\Spool\Printers\
echo.
echo Print Jobs have been successfully deleted at %time%
pause
echo.
echo Press Enter to Restart the Print Spooler Service . . .
pause
echo.
net start spooler
echo.
echo Press Enter to Return to Main Menu . . .
pause
goto start
echo.

:Passwordexpiration
cls
set /p EXP=”Enter Username (note: no @domain.suffix) of User you want to Check Password Expiration: ”
echo %EXP%
net user %EXP% /domain
echo.
pause
goto start

:DomainTrustVerification
cls
set /p TRUST=”Enter ‘Domain.suffix’ of your local domain to determine if you have a valid domain trust: ”
echo %TRUST%
nltest /sc_query:%TRUST%
echo.
pause
goto start

:ServerTrustVerification
cls
set /p SERVER=”Enter hostname of Server: ”
echo %SERVER%
set /p DOMAIN=”Enter domain name with suffix (Ex. contoso.local): ”
echo %DOMAIN%
nltest /server:%SERVER% /sc_query:%DOMAIN%
echo.
pause
goto start

:SeriousSam
cls
echo.
echo All Shadow copies and System Restores MUST be deleted prior to workaround . . .
echo.
echo Note: even if you apply the Security Update, the aforementioned still applies . . .
echo.
echo Press Enter to Deleting Shadow Copies . . .
echo Press Enter to Deleting System Restore Points . . .
pause
echo.
vssadmin delete shadows /all
echo.
echo Shadow Copies Deleted Successfully at %time% . . .
echo System Restore Points Deleted Successfully at %time% . . .
echo.
echo Press Enter to Apply SeriousSAM Vulnerability Workaround . . .
echo.
pause
echo.
icacls %windir%\system32\config\*.* /inheritance:e
echo.
echo SeriousSAM Vulnerability Workaround Applied at %time% . . .
echo.
echo Press Enter to Create a Restore Point . . .
echo.
pause
Wmic.exe /Namespace:\\root\default Path SystemRestore Call CreateRestorePoint “%DATE%”, 100, 1
echo Restore point created successfully at %time% . . .
echo.
echo Press Enter to Return to the Main Menu . . .
echo.
pause
echo.
goto start

:SeriousSam-DeleteShadownCopiesOnly
cls
echo.
echo This will delete all Shadow Copies and Restore Points . . .
echo.
echo Note: even if you apply the Security Update for Serious SAM, the aforementioned still applies . . .
echo.
echo Press Enter to Deleting Shadow Copies . . .
echo Press Enter to Deleting System Restore Points . . .
pause
echo.
vssadmin delete shadows /all
echo.
echo Shadow Copies Deleted Successfully at %time% . . .
echo System Restore Points Deleted Successfully at %time% . . .
echo.
echo Press Enter to Return to the Main Menu . . .
echo.
pause
goto start

:StopPrintSpooler
cls
echo.
echo This will stop the print spooler . . .
echo.
echo Press Enter to Stop the Print Spooler . . .
pause
echo.
powershell.exe Stop-Service -Name Spooler -Force
echo.
echo Print Spooler is stopped at %time% . . .
echo.
echo Press Enter to Return to the Main Menu . . .
echo.
pause
goto start

:DisablePrintSpooler
cls
echo.
echo This will disable the print spooler service . . .
echo.
echo Press Enter to Disable the Print Spooler Service . . .
pause
echo.
powershell.exe Set-Service -Name Spooler -StartupType Disabled
echo.
echo Print Spooler Service is disabled at %time% . . .
echo.
echo Press Enter to Return to the Main Menu . . .
echo.
pause
goto start

:WindowsActivation
cls
echo.
echo Press Enter to input your product key in the following format XXXXX-XXXXX-XXXXX-XXXXX-XXXXX . . .
pause
echo.
set /p ProductKey=”Enter Product Key: ”
echo %ProductKey%
slmgr.vbs /ipk %ProductKey%
echo.
echo Product Key Successfully Assigned at %time% . . .
pause
echo.
echo Press Enter to Activate Product Key with Microsoft . . .
pause
echo.
slmgr.vbs /ato
echo.
echo Product Key is Successfully Activated . . .
pause
echo.
echo Press Enter to Return to the Main Menu . . .
echo.
pause
goto start

:DisplayLicensingInfo
cls
echo.
echo Press Enter to Display Microsoft Licensing Information . . .
pause
echo.
slmgr.vbs /dlv
echo.
echo Press Enter to Return to the Main Menu . . .
echo.
pause
goto start

:EnableTLS1dot2
cls
echo.
echo Press Enable TLS 1.2 on this Local Desktop or Server . . .
pause
echo.
powershell.exe [System.Net.ServicePointManager]::SecurityProtocol = ‘Ssl3 , Tls12’
echo.
echo. TLS 1.2 has been Successfully Enabled on Your Local Desktop or Server . . .
pause
echo.
echo Press Enter to Return to the Main Menu . . .
echo.
pause
echo.
goto start

:RebootbasedonName
cls
echo.
echo Press Enter to Start the Reboot Process based on Naming Convention . . .
pause
echo.
set /p RebootBasedOnName=”Please Enter Computer Name or Word in the Name: ”
echo %RebootBasedOnName%
echo.
powershell.exe Import-Module activedirectory
powershell.exe “Get-ADComputer -Filter * | Where { $_.Name -imatch ‘%RebootBasedOnName%’ } | foreach {restart-computer $_.name -force}”
echo.
echo. Selected Servers and/or Desktops Have been Successfully Rebooted at %time% . . .
echo.
pause
echo.
echo Press Enter to Return to the Main Menu . . .
echo.
pause
echo.
goto start

:cancel
set /p cancel=”Type cancel to stop shutdown: ”
if not “%cancel%”==”cancel” exit
goto start
cls
schtasks.exe /end /tn shutdown
cls
schtasks.exe /delete /tn shutdown
cls
echo Shutdown is cancelled.
echo.
pause.
exit