Deploy .pfx cert embedded in script (a sort of 'cat << EOF' for windows)

@echo off
::
::  
:: In order to prepare the certificate please run
:: 'certutil -encode the_pfx_cert base_64_cert`
:: then paste the base_64_cert in the section below
:: Please note that the certificate password has to be given as start paramater to this script!
:: (eq: "cert-inst.bat S3cr3tPassw0rd")

:: If the cert was already installed, exit
REG QUERY HKCU\SOFTWARE\neXt /v CertInstalled
If %errorlevel%==0 goto :eof

:: define the temp name of the extracted cert
set extractedfile=%temp%\extract-%random%.txt

:: set the password needed to decode the cert
set certpasswd=%~1

:: separate the cert from this script
call:extractembedded embeddedfile %extractedfile%

:: process the extracted file
certutil -decode %extractedfile% %extractedfile%.pfx

certutil -f -user -p %certpasswd% -importpfx %extractedfile%.pfx

:: clean-up
::del %extractedfile% %extractedfile%.pfx

:: leave a trace in the registry, so the cert will not be installed again and again
REG ADD HKCU\SOFTWARE\neXt /v CertInstalled /t REG_DWORD /d 1

:: clean exit
exit /b

:: begin of the embed cert & extraction procedure
:: After the next line, please paste the "base_64_cert" created by certutil -encode
goto:embeddedfile
-----BEGIN CERTIFICATE-----
MIIMngIBAzCCDGQGCSqG
[...]
k05EzAQIFXJaGHOuxZcCAggA
-----END CERTIFICATE-----
:embeddedfile
:: before the previous line you can find the end of the "base_64_cert"

:: cert extraction procedure
:extractembedded
setlocal EnableDelayedExpansion
set embedbegin=goto:%~1
set embedend=:%~1
set embedcert=%~2
if exist %embedcert% del %embedcert%
set tmprndfile=%temp%\%random%.%random%
findstr /n ^^ "%~f0" > %tmprndfile%
call :seekembed < %tmprndfile%
del %tmprndfile%
exit /B
:seekembed
set oneline=:eof
set /P oneline=
if !oneline! == :eof goto nostart
set oneline=!oneline:*:=!
if not !oneline! == %embedbegin% goto seekembed
:getline
set oneline=:eof
set /P oneline=
if !oneline! == :eof goto nostop
set oneline=!oneline:*:=!
if !oneline! == %embedend% goto :eof
echo/!oneline!>> %embedcert%
goto getline
:nostart
echo Error finding start delimiter %embedbegin%
goto :eof
:nostop
echo Error finding stop delimiter %embedend%
goto :eof

Fix Windows 7 Boot

Fixing the Master Boot Record (MBR)

Step one: Boot from either your Windows 7 Installation DVD or Windows 7 System Recovery Disc.   Remember, you may need to change the boot order inside your BIOS to have the your DVD drive boot first.

Step two: After the installation or recovery disc loads, if prompted, select your language settings and then continue.   If you are using the installation DVD, when prompted by the following screen select Repair your computer.

Step three: The computer will take a moment now to scan itself for any Windows installations, after which you will likely be given a choice to select which installation you wish to repair.   Select the appropriate Windows installation from the list and then continue. If by chance a problem is detected in one of your Windows installations at this initial stage, the system may also ask you if it can try to repair the problem automatically. It is up to you if you wish to let the system try to repair itself, but otherwise just select No.  

Step four: Once you have reached the System Recovery Options screen, as shown below, you will be faced with a list of choices that can aid you in repairing a damaged Windows 7 operating system.   If you wish to try the Startup Repair option first, it is often successful in automatically fixing many different start up issues, but in this article we will be using the Command Prompt option to resolve our problems manually. So, click Command Prompt to continue.  

Step five: Now sitting at the command prompt, enter the following command and then press enter:

                bootrec.exe /FixMbr

If successful, you should be greeted with the message The operation completed successfully.   That's it!   Your Master Boot Record has been repaired.

While the above command does fix the MBR, and sometimes that is enough, there still might be an error with the system partition's boot sector and Boot Configuration Data (BCD). This might occur if you have tried to install another operating system alongside Windows 7, such as Windows XP.   To write a new boot sector, try the following command:

              bootrec.exe /FixBoot

If you are still faced with your Windows 7 installation not being detected during start up, or if you wish to include more than one operating system choice to your system's boot list, you can try the following command to rebuild your BCD:
              
              bootrec.exe /RebuildBcd

The above command will scan all your disks for other operating systems compatible with Windows 7 and allow you to add them to your system's boot list. If this fails, you may need to backup the old BCD folder* and create a new one in its place with the following commands:

              bcdedit /export C:\BCD_Backup

              c:

              cd boot

              attrib bcd -s -h -r

              ren c:\boot\bcd bcd.old

              bootrec /RebuildBcd

*Some users also find simply deleting the boot folder and retrying the above steps effective at resolving boot issues, but it is not recommended.


How to change active partitions

Upon purposely changing the active partition on my system drive, I was faced with a BOOTMGR is missing error during my system's start up that prevent Windows from starting. It is a common mistake to make when playing with partitions on a system drive and it can be a headache to solve if not prepared. To change your active partition back using the Windows 7 recovery disc or Installation DVD, follow the steps below.

Step one: Follow steps one to four in the above guide. This should take you to the Command Prompt in the Windows Recovery Environment.

Step two: Type DiskPart and then press Enter.

Step three: Type List Disk now and then press Enter. This command will list all disks attached to your computer and assign them a disk number.

Step four: Type Select Disk x, where x is the number for the disk containing the partition you wish to make active. Press Enter.

Step five: Type List Partition and then press Enter. You will now be shown a list of the partitions on the selected disk. Determine which partition you wish to make active.

Step six: Type Select Partition x, where x is the number of the partition you wish to make active.

Step seven: Now, just type Active and then press Enter. That should be it - the selected partition is now active.

How to create a Windows 7 System Recovery Disc

Windows 7 makes it easy to create a System Recovery Disc if you already have Windows 7 installed and running.  

Step one: Click Start > All Programs > Maintenance > Create a System Repair Disc

Step two: Insert a blank CD or DVD into your disc drive.

Step three: Click Create disc and let the program do its thing.

That's it! It only needs to write about 140- to 160-megabytes to the disc, depending on whether your OS is 64-bit or 32-bit, and that should only take a minute. If you do not have a CD/DVD-R drive to create a recovery disc with, you can alternatively download the ISO image of the Windows 7 System Recovery Disc and use it to make a bootable USB flash drive.

How to create a Windows 7 System Recovery USB flash drive

Step one: If you do not have a DVD drive, download the appropriate Windows 7 Recovery Disc image. Alternatively, if you have a DVD drive, you can use an existing Windows 7 Installation DVD or a Windows 7 Recovery Disc when at step seven.  

Using a Windows 7 Installation DVD at step seven will also allow you to install Windows 7 via USB, not just recover a damaged system; very useful if you have a netbook!

Step two: Open a command prompt with administrative rights. To do this, click Start > All Programs > Accessories and then right click Command Prompt, followed by clicking Run as administrator.

Step three: After accepting any UAC verification questions, you should now be at the command prompt. Make sure your USB flash drive is plugged in and then type DiskPart, followed by pressing Enter.

Step four: Type List Disk and then press Enter. Determine which disk number corresponds to your USB flash drive. In the following scenario, Disk 1 corresponds to our USB drive since we know our USB drive has a capacity of 2-gigabytes.

Step five: Enter the following commands in order, changing the disk number to the disk number listed for your USB drive.   Warning - the following commands will erase everything on your USB drive or the disk you select.

              Select Disk 1

              Clean

              Create Partition Primary

              Select Partition 1

              Active

              Format FS=NTFS

Step six: After DiskPart successfully formats the USB drive, which might take a few minutes, you will want to enter the following commands:

              Assign
              Exit

Step seven: You will now need to copy the contents of the ISO image you downloaded, or the contents of a DVD you wish use, to the USB flash drive.   There should be two folders and a file in the ISO image that need to be copied. To extract the files contained within an ISO image, you will need to use a program such as 7-zip.

Step eight: Now that the files are copied, we will want to make the USB drive bootable. To accomplish this however we will need to download a small file called bootsect.exe; it can be found in the boot directory of the Windows 7 Installation DVD.  Once downloaded, place the bootsect.exe file in the root directory of your USB flash drive.

Step nine: Back at the command prompt, we will want to change the current directory to that of the USB drive and run the bootsect command. In our case this is drive E, so we will be using the following respective commands:

                 e:
                 bootsect /nt60 e:

The bootsect command will update the target volume with a compatible bootcode. If all goes well, you should now have a bootable USB recovery drive; just remember to add the USB drive to the boot list in your system's BIOS for it to work upon start up.

Watermark Printer

This is a very crude version of a "Watermark Printer" - it prints on a "preprinted paper" (e.g. something containing the company logo)


@echo off

:: ------------------------------------------------------------------
:: install redmon in %userprofile%\appdata\redmon
:: put this script in %userprofile%\appdata\redmon\email.bat
:: create new printer with port RPT1:
:: configure port redirect to %userprofile%\appdata\redmon\redrun.exe
:: port arguments %userprofile%\appdata\redmon\email.bat  %%1

:: ------------------------------------------------------------------
:: Ghostscript configuraton
set GS_INSTALL="%userprofile%\appdata\redmon\gs"
set GS_VERSION=8.63
:: LibTIFF configuraton
set LIBTIFF_INSTALL=%userprofile%\appdata\redmon\GnuWin32
:: PDF viewer configuraton (no need to set, if PDF is a registered file type)
set PDF_READER=
:: Watermark background config
set BACKGROUND="%userprofile%\appdata\redmon\\Watermark.pdf"
:: PDFTK location
set PDFTK="%userprofile%\appdata\redmon\"
:: ------------------------------------------------------------------
:: temporary PDF directory
set PDF_DIR=%TEMP%\1
:: delete old temporary PDF directories if required
for /d %%D in ("%TEMP%\1\") do if not "%%D"=="%TEMP%\1\" rd /s /q "%%D"
:: create if required
if not exist "%PDF_DIR%" md "%PDF_DIR%"
echo myass > %PDF_DIR%\blah
:: check if file is given
if not "%~1" == "" goto CHECK_FOUND
echo ERROR: No file name given!
goto END
::----------
:CHECK_FOUND
:: check for file existence
if exist "%*" goto SET_FNE
echo ERROR: File "%*" not found!
goto END
::------
:SET_FNE
:: set input file, name and extension
call :set_input_file_name_ext "%*"
:: check file type
if "%INPUT_EXT%" == "" set INPUT_NAME=%~n1.ps
if "%INPUT_EXT%" == "" set INPUT_EXT=.ps
if "%INPUT_EXT%" == ".ps" goto PROCESS_PS
if "%INPUT_EXT%" == ".tiff" goto PROCESS_TIFF
if "%INPUT_EXT%" == ".tif" goto PROCESS_TIFF
if "%INPUT_EXT%" == ".pdf" goto PROCESS_PDF
echo ERROR: File type "%INPUT_EXT%" not supported!
goto END
:: --------
:PROCESS_PS
:: set file names
set PS_FILE=%INPUT_FILE%
set PDF_FILE=%PDF_DIR%\%INPUT_NAME%.pdf
:: convert to PDF
"%GS_INSTALL%\gs%GS_VERSION%\bin\gswin32c.exe" -dSAFER -dNumRenderingThreads#%NUMBER_OF_PROCESSORS% -sDEVICE#pdfwrite -o "%PDF_FILE%" -c .setpdfwrite -f "%PS_FILE%"
goto DISPLAY
:: ----------
:PROCESS_TIFF
:: set file names
set TIFF_FILE=%INPUT_FILE%
set PDF_FILE=%PDF_DIR%\%INPUT_NAME%.pdf
:: convert to PDF
"%LIBTIFF_INSTALL%\bin\tiff2pdf.exe" -o "%PDF_FILE%" -f "%TIFF_FILE%"
goto DISPLAY
:: ---------
:PROCESS_PDF
:: set file name
set PDF_FILE=%INPUT_FILE%
::
:: ------------------------------------------------------------------
:DISPLAY
:: open PDF file in reader
:: start /b "%PDF_READER%" "%PDF_FILE%"
::
:: apply background
%PDFTK%\pdftk.exe "%PDF_FILE%" background %BACKGROUND% output "%PDF_DIR%\output.pdf"
:: call OUTLOOK - ugly for the moment
"C:\Program Files (x86)\Microsoft Office\OFFICE14\OUTLOOK.EXE" /a "%PDF_DIR%\output.pdf"

:: ------------------------------------------------------------------
:END
exit
::
:: ------------------------------------------------------------------
:: Subroutine: set_input_file_name_ext
:: Arguments:  %1 = "path/name.ext"
:: Purpose:    set environment vars to input file, name and extension
:: ------------------------------------------------------------------
:set_input_file_name_ext
set INPUT_FILE=%~1
set INPUT_NAME=%~n1
set INPUT_EXT=%~x1
goto :eof
:: ------------------------------------------------------------------

Clear Win7 UserProfile

' Clear Win7/Win2008 User Profile and registry
' to be executed on each Terminal Server
'(c)2012-2014 sorinakis@gmail

Set WshShell = CreateObject("WScript.Shell")
Set WshNet = WScript.CreateObject("WScript.Network")
Set WMIService = GetObject("winmgmts:\\.\root\cimv2")
Set objRegistry = GetObject("winmgmts:\\.\root\default:StdRegProv")
set WshFSO = CreateObject("Scripting.FileSystemObject")
const HKEY_LOCAL_MACHINE = &H80000002

dim strUser
Do
strUser = InputBox(vbCrLf & "Please enter the username you wish to reset: ", "Profile Cleaner")

 If TypeName(strUser) = "Empty" Then
     WScript.Quit
 End If
If Len(Trim(strUser)) = 0 Then
     MsgBox "You have to Enter Username To Reset",48
 End If
Loop While Len(Trim(strUser)) = 0
'' debug
'with createobject("wscript.shell")
'.popup "User: " & strUser , 5 , "Info"
'end with
'' end debug
if CStr(CheckUser(strUser)) then
Set Account = WMIService.Get("Win32_UserAccount.Name='" & strUser & "',Domain='" & WshNet.UserDomain & "'")
strRegKey = "SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\" + Account.SID

if CheckRegKey(strRegKey) then
strUserProfile = WshShell.ExpandEnvironmentStrings(WshShell.RegRead("HKEY_LOCAL_MACHINE\" + strRegKey + "\ProfileImagePath"))
strRmtFldr = WshShell.ExpandEnvironmentStrings(WshShell.RegRead("HKEY_LOCAL_MACHINE\" + strRegKey + "\CentralProfile"))
Else
MsgBox "  The registry key for user " & strUser & " does not exist! Can NOT backup and clean anything!" & vbCrLf & vbCrLf & "Please manually check for and rename the USERPROFILE and ROAMINGPROFILE Folders.",16
wscript.quit
End If
strRegFile = strUserProfile & "\reg_backup.reg"
regCmd = "regedit.exe /E """ & strRegFile & """ " & """HKEY_LOCAL_MACHINE\" & strregKey & """"

If WshFSO.FolderExists (strUserProfile) Then
 '' debug
 'with createobject("wscript.shell")
 '.popup "Backup: " & strUserProfile , 5 , "Info"
 'end with
 '' end debug
WshShell.Run regCmd, 0, True
 WshFSO.MoveFolder strUserProfile , strUserProfile & ".backup"
End If

If WshFSO.FolderExists (strRmtFldr) Then
 '' debug
 'with createobject("wscript.shell")
 '.popup "Backup: " & strRmtFldr , 5 , "Info"
 'end with
 '' end debug
   WshFSO.MoveFolder strRmtFldr , strRmtFldr & ".backup"
End If

 '' debug
 'with createobject("wscript.shell")
 '.popup "Removing: HKEY_LOCAL_MACHINE\" & strRegKey , 5 , "Info"
 'end with
 '' end debug
 DeleteSubkeys HKEY_LOCAL_MACHINE, strRegKey
 Sub DeleteSubkeys(HKEY_LOCAL_MACHINE, strRegKey)
    objRegistry.EnumKey HKEY_LOCAL_MACHINE, strRegKey, arrSubkeys
    If IsArray(arrSubkeys) Then
        For Each strSubkey In arrSubkeys
            DeleteSubkeys HKEY_LOCAL_MACHINE, strRegKey & "\" & strSubkey
        Next
    End If
    objRegistry.DeleteKey HKEY_LOCAL_MACHINE, strRegKey
 End Sub


' Open the backed up profile it in explorer...

'strPath = "explorer.exe /e, strRmtFldr" & ".backup"
'WshShell.Run strPath 

'debug
  with createobject("wscript.shell")
 .popup "Profile of " & strUser & " has been processed.", 5 , "Info"
 end with
 '' end debug
wscript.quit                  
Else
MsgBox  "USER " & strUser & " NOT FOUND!", 16
wscript.quit
End If

Function CheckRegKey(strRegKey)
On Error Resume next 
strUserProfile = WshShell.ExpandEnvironmentStrings(WshShell.RegRead("HKEY_LOCAL_MACHINE\" + strRegKey + "\ProfileImagePath"))
  If Err.Number <> 0 Then
    Err.Clear
CheckRegKey = false
else
   Err.Clear
CheckRegKey = true
End If
end function

          
Function CheckUser(user)
On Error Resume next
with CreateObject("WScript.Shell")
Set Account = WMIService.Get("Win32_UserAccount.Name='" & User & "',Domain='" & WshNet.UserDomain & "'")
end with
CheckUser = (Err.Number = 0)
On Error Goto 0
end function