Windows Scripts
Useful local Windows admin scripts with the same card layout. For Active Directory and M365/Entra scripts, use Cloud Scripts.
Windows Health Snapshot
Collect uptime, CPU/memory, disk, and top process usage in one report.
Local Health
Built-in
Required module/command
Built-inRun first
# Run in elevated PowerShell
Script
$os = Get-CimInstance Win32_OperatingSystem
$uptime = (Get-Date) - $os.LastBootUpTime
Write-Host "=== System ==="
Get-ComputerInfo | Select-Object WindowsProductName, WindowsVersion, CsName
Write-Host "`n=== Uptime ==="
"{0} days {1} hours" -f $uptime.Days, $uptime.Hours
Write-Host "`n=== Memory ==="
Get-CimInstance Win32_OperatingSystem |
Select-Object @{N='FreeGB';E={[math]::Round($_.FreePhysicalMemory/1MB,2)}},
@{N='TotalGB';E={[math]::Round($_.TotalVisibleMemorySize/1MB,2)}}
Write-Host "`n=== Disk ==="
Get-Volume | Select-Object DriveLetter, FileSystemLabel, FileSystem,
@{N='SizeGB';E={[math]::Round($_.Size/1GB,2)}},
@{N='FreeGB';E={[math]::Round($_.SizeRemaining/1GB,2)}}
Pending Reboot Check
Checks registry markers commonly used to flag pending reboot state.
Maintenance
Built-in
Required module/command
Built-inRun first
# Run in elevated PowerShell
Script
$paths = @(
'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\RebootPending',
'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\RebootRequired',
'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager'
)
$pending = $false
foreach ($path in $paths) {
if (Test-Path $path) { $pending = $true }
}
if ($pending) {
Write-Host 'Pending reboot detected.' -ForegroundColor Yellow
} else {
Write-Host 'No pending reboot detected.' -ForegroundColor Green
}
Recent Critical/Error Events
Pulls recent System/Application critical and error events for triage.
Diagnostics
Built-in
Required module/command
Built-inRun first
# Run in elevated PowerShell
Edit Variables
Look-back (hours)
Script
$Hours = ##HOURS##
$start = (Get-Date).AddHours(-$Hours)
Get-WinEvent -FilterHashtable @{
LogName = @('System', 'Application')
Level = 1,2
StartTime = $start
} -ErrorAction SilentlyContinue |
Select-Object TimeCreated, LogName, Id, LevelDisplayName, ProviderName, Message |
Sort-Object TimeCreated -Descending |
Select-Object -First 120
Restart Service + Validate
Restarts a service, waits briefly, then verifies status.
Services
Built-in
Required module/command
Built-inRun first
# Run in elevated PowerShell
Edit Variables
Service name
Script
$ServiceName = '##SERVICE_NAME##' Restart-Service -Name $ServiceName -Force Start-Sleep -Seconds 3 Get-Service -Name $ServiceName | Select-Object Name, Status, StartType, DisplayName
Defender Quick Scan + Threat Status
Starts a quick Defender scan and checks threat state.
Security
Defender
Required module/command
DefenderRun first
# Run in elevated PowerShell
Script
Start-MpScan -ScanType QuickScan
Get-MpComputerStatus |
Select-Object AMRunningMode, AntivirusEnabled, RealTimeProtectionEnabled,
QuickScanStartTime, QuickScanEndTime,
AntivirusSignatureLastUpdated
Local Administrators Group Audit
Lists all members of local Administrators group.
Security
Built-in
Required module/command
Built-inRun first
# Run in elevated PowerShell
Script
Get-LocalGroupMember -Group 'Administrators' | Select-Object Name, ObjectClass, PrincipalSource
Firewall Profile Baseline Check
Shows current firewall profile states and default actions.
Security
NetSecurity
Required module/command
NetSecurityRun first
# Run in elevated PowerShell
Script
Get-NetFirewallProfile |
Select-Object Name, Enabled, DefaultInboundAction, DefaultOutboundAction,
NotifyOnListen, AllowInboundRules, AllowLocalFirewallRules
DNS Flush + Resolve Test
Flushes local DNS cache and tests name resolution.
Network
Built-in
Required module/command
Built-inRun first
# Run in elevated PowerShell for cache flush
Edit Variables
Hostname to test
Script
$HostToTest = '##HOST_TO_TEST##' ipconfig /flushdns | Out-Null Resolve-DnsName -Name $HostToTest -Type A Resolve-DnsName -Name $HostToTest -Type AAAA -ErrorAction SilentlyContinue
TCP Port Smoke Test
Checks multiple ports against a target host.
Network
Built-in
Required module/command
Built-inRun first
# Standard PowerShell session
Edit Variables
Target host
Ports (comma-separated)
Script
$Target = '##TARGET##'
$Ports = '##PORTS##' -split ',' | ForEach-Object { $_.Trim() }
foreach ($p in $Ports) {
$result = Test-NetConnection -ComputerName $Target -Port ([int]$p) -WarningAction SilentlyContinue
[PSCustomObject]@{
Host = $Target
Port = $p
TcpTestSucceeded = $result.TcpTestSucceeded
}
}
Installed Updates Report
Exports installed hotfixes from the last N days.
Maintenance
Built-in
Required module/command
Built-inRun first
# Standard PowerShell session
Edit Variables
Look-back (days)
Script
$Days = ##DAYS##
$Cutoff = (Get-Date).AddDays(-$Days)
Get-HotFix |
Where-Object { $_.InstalledOn -ge $Cutoff } |
Sort-Object InstalledOn -Descending |
Select-Object HotFixID, Description, InstalledBy, InstalledOn
Temp Folder Cleanup
Cleans machine and user temp directories older than N days.
Maintenance
Built-in
Required module/command
Built-inRun first
# Run in elevated PowerShell
Edit Variables
Delete older than (days)
Script
$Days = ##DAYS##
$paths = @(
"$env:WINDIR\Temp",
"$env:TEMP"
)
$cutoff = (Get-Date).AddDays(-$Days)
foreach ($p in $paths) {
if (Test-Path $p) {
Get-ChildItem -Path $p -Recurse -Force -ErrorAction SilentlyContinue |
Where-Object { -not $_.PSIsContainer -and $_.LastWriteTime -lt $cutoff } |
Remove-Item -Force -ErrorAction SilentlyContinue
}
}
Write-Host "Cleanup complete"
No scripts match your search.
Frequently asked questions
Do these scripts require admin rights?
Many do. Run PowerShell as Administrator for service control, security, firewall, and event log commands.
Can I edit values before copy/download?
Yes. Expand any script card, change variable fields, then copy or download the rendered script.
Where are AD and M365 scripts?
AD, Exchange, and M365/Entra tenant scripts are in Cloud Scripts. Windows Scripts is for local endpoint/server tasks.