
Windows Command Line Tricks

Here are a few Windows command line tricks that might make your life easier.

Save A List of Files to a Text File by Extension

dir *.ext /s /b > files.txt

This command line will create a file called files.txt. When you open this file, there will be a complete list of all the files in that directory and all subdirectories with the .ext extension. You can then open up this text file in any text editor and work with the information. By changing the ext part, you can select different files. For example, if you wanted to list all of the PDF documents, you would type:

dir *.pdf /s /b > files.txt


Get Your IP Address Information

ipconfig /all

This will retrieve a pile of information about your network connection and IP information. From this command, you can get:

* Host Name
* Primary DNS Suffix
* Node Type
* IP Routing Enabled
* WINS Proxy Enabled
* DNS Suffix Search List
* Connection-specific DNS Suffix
* Network Adapter Description
* Physical (MAC) Address
* DHCP Enabled
* IP Address
* Subnet Mask
* Default Gateway
* DNS Servers


Get Installed Driver Information

driverquery

It can be very useful when troubleshooting to know what drivers are installed on a system. This command will give you a complete listing of the drivers and when they were installed.


Find Files Opened By Network Users

openfiles /query

If you are running a system and you want to know who has files open on your computer, this command will provide you a list of those users and the files that they have open.

Note: If you get an error saying The system global flag ‘maintain objects list’ needs to be enabled to see local opened files, you can fix this issue by typing openfiles /local on. You will have to reboot the system but it will resolve the issue.


Monitor Port Activity

netstat -a 30

This will show you all of the TCP/IP ports that are being used on your system and what they are connecting to (or being connected from). It will continue to monitor these ports and refresh the information every 30 seconds. You can change the refresh rate by changing the number at the end of the command.


Recover Information From A Corrupt File

recover filename.ext

If you have a disk with damaged sectors, you can attempt to recover as much information as possible from the damaged file. Data that is not damaged can be retrieved but data in damaged sectors will be lost.


Defragment Remote Computer

rexec remotePC defrag C: /F

This command uses the rexec command to force a defragment of the C: drive on the computer named remotePC. You can substitute any command you like (defrag C: /F is just an example). This is very useful for remote maintenance.


Retrieve Detailed System Information

systeminfo

With this command, you can retrieve the following information:

* Host Name
* OS Name
* OS Version
* OS Manufacturer
* OS Configuration
* OS Build Type
* Registered Owner
* Registered Organization
* Product ID
* Original Install Date
* System Up Time
* System Manufacturer
* System Model
* System type
* Processor(s)
* BIOS Version
* Windows Directory
* System Directory
* Boot Device
* System Locale
* Input Locale
* Time Zone
* Total Physical Memory
* Available Physical Memory
* Virtual Memory Max Size
* Virtual Memory Available
* Virtual Memory In Use
* Page File Location(s)
* Domain
* Logon Server
* Hotfix(s)
* NetWork Card(s)


Schedule Defrag to Defragment C: Daily

schtasks /create /tn "Defrag C" /tr "defrag c: /f" /sc daily /st 02:00:00 /ru "System"

This will set your computer to automatically perform a complete defrag of the C: drive each day at the time given by /st (02:00:00, i.e. 2:00 AM, in the command above; use 23:00:00 for 11:00:00 PM). It does this by creating a scheduled task called Defrag C. It will run this command under the computer's system account.


Map A Drive Letter to a Folder

subst W: C:\windows

Sometimes, your directory structure can get pretty deep and complicated. You can simplify this a bit by mapping a drive letter to commonly used folders. In the example that I have given, this will create a drive letter W: and map it to the C:\windows directory. Then, whenever you go into My Computer, you will see a W: drive and when you browse to it, it will automatically take you to the contents of the C:\windows folder.

You can do this with any unused drive letter and any folder that exists on your system.


List All Tasks Running On The Computer

tasklist

It's always good to know what is running on your system. This is the command line version of the Processes tab in Task Manager.


Kill A Program

taskkill /im programname.exe /f

If, when using the tasklist command, you discover something running that you just want killed, this is the way to do it! Just note the program name and use it in place of programname.exe.


Reboot a Remote Computer

shutdown -r -f -m \\remotePC -c "System will be rebooted in 30 seconds"

Sometimes, you just need to reboot a system. This will do it remotely and give the user a 30 second warning.


Schedule computer reboot

schtasks /create /tn "Reboot" /tr "shutdown /r /t 1" /sc once /st 01:00:00 /sd 08/18/2009 /ru "System"


cmd /c – Carries out the command specified by string and then terminates
&& – chains commands together; the command after && runs only if the one before it succeeded

This way you can create a shortcut for short scripts without creating batch files.
e.g. a shortcut for stopping and starting the print spooler.

%windir%\System32\cmd.exe /c "net.exe stop Spooler && net start Spooler"


Sleep
No sleep command in Windows 2000/XP (AFAIK) unless you have the Resource Kit, and then you have to move extra files around with your scripts.
Simply use the ping command to wait for a predefined time. In this example it's roughly 10 seconds.

ping -n 10 127.0.0.1 > NUL 2>&1


Find
Windows' answer to grep. Not as powerful but still useful.

e.g. In conjunction with systeminfo above to find out the Virtual Memory on the PC.

systeminfo | find "Virtual Memory"


Windows (XP, Vista, Windows 7, 2003, 2008) Commands

Here is a great list of Windows XP/2000 commands that will make any Linux user feel at home at the command prompt. A lot of these commands are intended for administering a network, but they are great for savvy home users as well.

  • at – Windows Scheduling utility
  • bootcfg – This utility allows you to set up your boot options, such as your default OS and other loading options
  • cacls – Changes the ACLs (security Settings) of files and folders. Very similar to chmod in Linux.
  • comp – This utility is very similar to diff in Linux. Use the /? switch to get examples of command usage.
  • defrag – Yes, XP comes with a command line disk defrag utility. Here’s an example of how to create a scheduled task to defrag every day:

    schtasks /create /tn "Defrag C" /tr "defrag c: /f" /sc daily /st 04:30:00 /ru "System"

  • diskpart – Use this command to manage your disk partitions. This is the text version for the GUI Disk Manager.
  • driverquery – Produces a list of drivers, their properties, and their versions. Great for computer documentation.
  • eudcedit (unpublished) – Private Character editor. Yes with this program built into Windows XP you can create your own font!
  • findstr – Find String – similar to Linux’s Grep.
  • fsutil (unpublished) – This is a utility with a lot of capability. Come back soon for great examples.
  • getmac – This command gets the Media Access Control (MAC) address of your network cards.
  • gpresult – This generates a summary of the user settings and computer group policy settings.
  • gpupdate – Use this utility to manually apply computer and user policy from your Windows 2000 (or newer) Active Directory domain.
  • ipconfig – This handy tool displays IP settings of the current computer and much more.
  • MMC – Microsoft Management Console. This is the master tool for Windows; it is the main interface that all other tools use, starting primarily with Windows 2000 and newer systems.
  • more – Utility used to display text output one screen at a time. Example:

    more c:\windows\win.ini

  • msconfig – The ultimate tool to change the services and utilities that start when your Windows machine boots up. You can also copy the executable from XP and use it in Win2k.
  • msinfo32 – An awesome diagnostic tool. With it you can get a list of running processes, including the residing path of the executable (great for manually removing malware) and get detailed information about hardware and system diagnostics.
  • narrator – Turns on the system narrator (can also be found in accessibility options in control panel). This will allow your computer to read text aloud to you.
  • netsh – A network configuration tool console. At the ‘netsh>’ prompt, use the ‘?’ to list the available commands and type “exit” to get back to a command prompt.
  • netstat – A local network port tool – try netstat -ano.
  • nslookup – A DNS name resolution tool.
  • openfiles – Allows an administrator to display or disconnect open files in XP professional. Type “openfiles /?” for a list of possible parameters.
  • Pathping – A cross between the ping and traceroute utilities. Who needs Neotrace when you can use this? Type “pathping ” and watch it go.
  • recover – This command can recover readable information from a damaged disk and is very easy to use.
  • reg – A console registry tool, great for scripting Registry edits.
  • sc – A command line utility called the Service Controller. A power tool to make service changes via a logon/logoff or startup/shutdown script.
  • schtasks – A newer version of the AT command. This allows an administrator to schedule and manage scheduled tasks on local and remote machines.
  • secedit – Use this utility to manually apply computer and user policy from your Windows 2000 (or newer) domain. Example to update the machine policy: secedit /refreshpolicy machine_policy /enforce
    To view help on this, just type secedit.
    NOTE: In Windows XP SP1 and newer, this command is superseded by: gpupdate /force
  • sfc – The system file checker scans important system files and replaces the ones you (or your applications) hacked beyond repair with the real, official Microsoft versions.
  • shutdown – With this tool, You can shut down or restart your own computer, or an administrator can shut down or restart a remote computer.
  • sigverif – With the sigverif tool you can have all driver files analyzed to verify that they are digitally signed. Just type ‘sigverif’ at the command prompt.
  • systeminfo – Basic system configuration information, such as the system type, the processor type, time zone, virtual memory settings, system uptime, and much more. This program is great for creating an inventory of computers on your network.
  • sysedit – System Configuration File Editor. An old tool that was very handy for the Windows 9X days. msconfig is what you want to use now.
  • tasklist – Tasklist is the command console equivalent to the task manager in windows. It is a must have when fighting malware and viruses. Try the command:

    tasklist /svc to view the memory resources your services take up.

  • taskkill – Taskkill contains the rest of the task manager functionality. It allows you to kill those unneeded or locked up applications.
  • tree – This command will provide a ‘family tree’ style display of the drive/folder you specify.
  • WMIC – Windows Management Instrumentation Command tool. This allows you to pull an amazing amount of low-level system information from a command line scripting interface.

Of course this list is not exhaustive; I just wanted to focus on tools that are particularly helpful and that everyone might use. For the official list, please visit Microsoft Windows XP Pro Command Reference.


Windows Registry Hives – HKCR, HKCU, HKLM, HKU, HKCC, and HKPD

Information stored in the Registry is divided into several predefined sections called “hives”. A registry hive is a top level registry key predefined by the Windows system to store registry keys for specific objectives.

On my Windows XP system, the Registry has 6 registry hives:

  • HKCR – Abbreviated from the registry key name HKEY_CLASSES_ROOT. HKCR stores information about registered applications, such as Associations from File Extensions and OLE Object Class IDs tying them to the applications used to handle these items.
  • HKCU – Abbreviated from the registry key name HKEY_CURRENT_USER. HKCU stores settings that are specific to the currently logged-in user. The HKCU key is a link to the subkey of HKEY_USERS that corresponds to the user; the same information is reflected in both locations.
  • HKLM – Abbreviated from the registry key name HKEY_LOCAL_MACHINE. HKLM stores settings that are general to all users on the computer. On my XP system, HKLM contains five subkeys, HARDWARE, SAM, SECURITY, SOFTWARE and SYSTEM.
  • HKU – Abbreviated from the registry key name HKEY_USERS. HKU contains subkeys corresponding to the HKEY_CURRENT_USER keys for each user registered on the machine.
  • HKCC – Abbreviated from the registry key name HKEY_CURRENT_CONFIG. HKCC contains information gathered at runtime; information stored in this key is not permanently stored on the hard disk, but rather regenerated at boot time.
  • HKPD – Abbreviated from the registry key name HKEY_PERFORMANCE_DATA. HKPD provides runtime information into performance data provided by either the operating system kernel itself or other programs that provide performance data. This key is not displayed in the Registry Editor, but it is visible through the registry functions in the Windows API.

RegShot – Windows Registry Compare Utility

Regshot is an open-source (GPL) Windows (2000, Windows XP, Windows Vista, Windows 7, Windows 2008) registry compare utility that allows you to quickly take a snapshot of your registry and then compare it with a second one – done after doing system changes or installing a new software product.

Download: http://sourceforge.net/projects/regshot/
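The snapshot-and-compare idea can also be applied to plain `reg export` text files when Regshot is not available. The following is an added example, not Regshot's code or file format: it parses two .reg exports and lists added, removed and changed values. The snapshot contents, key names under ExampleVendor and the function names are constructed for illustration.

```python
import re

# Constructed `reg export`-style snapshots; real exports are UTF-16 text (open(path, encoding="utf-16")).
BEFORE = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ExampleTray"="C:\\Program Files\\ExampleTray\\tray.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\ExampleVendor]
"Version"="1.0"
"InstallPending"=dword:00000001
"Blob"=hex:01,02,\
  03,04
'''

AFTER = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ExampleTray"="C:\\Program Files\\ExampleTray\\tray.exe"
"ExampleUpdater"="C:\\Program Files\\ExampleVendor\\updater.exe /background"

[HKEY_LOCAL_MACHINE\SOFTWARE\ExampleVendor]
"Version"="1.1"
"Blob"=hex:01,02,03,04
'''

def parse_reg(text):
    """Return {(key, value_name): raw_data}; name "" marks the key itself."""
    text = re.sub(r"\\\r?\n\s*", "", text)      # join hex continuation lines
    values, key = {}, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            values[(key, "")] = ""
        elif key and (m := re.match(r'(@|"(?:[^"\\]|\\.)*")=(.*)', line)):
            values[(key, m.group(1).strip('"'))] = m.group(2)
    return values

def diff_snapshots(before, after):
    """Return sorted (added, removed, changed) lists of (key, value_name)."""
    old, new = parse_reg(before), parse_reg(after)
    added = sorted(k for k in new if k not in old)
    removed = sorted(k for k in old if k not in new)
    changed = sorted(k for k in new if k in old and new[k] != old[k])
    return added, removed, changed

if __name__ == "__main__":
    for label, items in zip(("ADDED", "REMOVED", "CHANGED"), diff_snapshots(BEFORE, AFTER)):
        print(label, *(f"{k}\\{n}" for k, n in items), sep="\n  ")
```

A new value under a Run key, as in the constructed AFTER snapshot, is the kind of change worth reviewing after an install because it starts a program at every logon.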