Microsoft has slowly but surely pushed the command line aside in the Windows interface. This is not without reason, as it’s an antiquated and mostly unnecessary tool from an era of text-based input that has long passed.
But there still are some commands that remain useful, and Windows 8 even added new features. Here are the commands every Windows user needs to know.
In case you’re not sure how to access the command prompt, forgot basic commands, or would like to know how to see a list of switches for each command, you can refer to our beginners guide to the Windows command line for instructions.
ASSOC
Most files in Windows are associated with a specific program that is assigned to open the file by default. At times, remembering these associations can become confusing. You can remind yourself by entering the command “assoc” to display a full list of file extensions and the programs they’re connected with.
You can also extend the command to change file associations. For example, “assoc .txt=” will change the file association for text files to whatever program you enter after the equal sign. The ASSOC command itself will reveal both the extension names and program names, which will help you properly use this command. You can probably do this more easily in the GUI, but the command line interface is a perfectly functional alternative.
Cipher
Deleting files on a mechanical hard drive doesn’t really delete them at all. Instead, it marks the files as no longer accessible and the space they took up as free. The files remain recoverable until they’re overwritten with new data, which can take some time.
The cipher command, however, can be used to wipe a directory by writing random data to it. To wipe your C drive, for example, you’d use the command “cipher /w:c”, which will wipe free space on the drive. The command does not overwrite undeleted data, so you will not wipe out files you need by running this command.
There’s also a host of other cipher commands, however, they are generally redundant with Bitlocker enabled versions of Windows.
Driverquery
Drivers remain among the most important software installed on a PC. Improperly configured or missing drivers can cause all sorts of trouble, so its good to have access to a list of what’s on your PC. That’s exactly what the “driverquery” command does. You can extend it to “driverquery -v” to obtain more information including the directory in which the driver is installed.
File Compare
This command can be used to identify differences in text between two files, and is particularly useful for writers and programmers trying to find small changes between two versions of a file. Simply type “fc” and then the directory path and file name of the two files you want to compare.
You can also extend the command in several ways. Typing “/b” compares only binary output, “/c” disregards the case of text in the comparison, and “/l” only compares ASCII text.
So, for example, you could use the following:
fc /l “C:\Program Files (x86)\example1.doc” “C:\Program Files (x86)\example2.doc”
to compare ASCII text in two word documents.
Ipconfig
This command relays the IP address that your computer is currently using. However, if you’re behind a router (like most computers today), you’ll instead receive the local network address of the router.
Still, ipconfig is useful because of its extensions. “ipconfig /release” followed by “ipconfig /renew” can force your Windows PC into asking for a new IP address, which is useful if your computer claims one isn’t available. You can also use “ipconfig /flushdns” to refresh your DNS address. These commands are great if the Windows network troubleshooter chokes, which does happen on occasion.
Netstat
Entering the command “netstat -an” will provide you with a list of currently open ports and related IP addresses. You’ll also be told what state the port is in – listening, established or closed. This is a great command if you’re trying to troubleshoot the devices your PC is connected to or you’re afraid you’re infected with a Trojan and are trying to locate a malicious connection.
Ping
Sometimes, you need to know whether or not packets are making it to a specific networked device. That’s where ping comes in handy. Typing “ping” followed by an IP address or web domain will send a series of test packets to the specified address. If they arrive and are returned, you know the device is capable of communicating with your PC; if it fails, you know that there’s something blocking communication between the device and your computer. This can help you decide if an issue is caused by improper configuration or a failure of network hardware.
Pathping
This is a more advanced version of ping that’s useful if there are multiple routers between your PC and the device you’re testing. Like ping, you use this command by typing “pathping” followed by the IP address, but unlike ping, pathping also relays some information about the route the test packets take.
Tracert
The “tracert” command is similar to pathping. Once again, type “tracert” followed by the IP address or domain you’d like to trace. You’ll receive information about each step in the route between your PC and the target. Unlike pathping, however, tracert also tracks how much time (in milliseconds) each hop between servers or devices takes.
Powercfg
Powercfg is a very powerful command for managing and tracking how your computer uses energy. You can use the command “powercfg /hibernate on” and “powercfg /hibernate off” to manage hibernation, and you can also use the command “powercfg /a” to view the power-saving states currently available on your PC.
Another useful command is “powercfg /devicequery s1_supported” which displays a list of devices on your computer that support connected standby. When enabled, these devices can be used to bring your computer out of standby – even remotely. You can enable this by selecting the device in Device Manager, opening its properties, going to the Power Management tab and then checking the “Allow this device to wake the computer” box.
“Powercfg /lastwake” will show you what device last woke your PC from a sleep state. You can use this command to troubleshoot your PC if it seems to wake from sleep at random.
The “powercfg /energy” command can be used to build a detailed power consumption report for your PC, which is output to a directory indicated after the command finishes. This report will let you know of any system faults that might increase power consumption, like devices that are blocking certain sleep modes, or which aren’t properly configured to respond to your power management settings.
Windows 8 added “powercfg /batteryreport”, which provides a detailed analysis of battery use, if applicable. Normally output to your Windows user directory, the report provides details about the time and length of charge and discharge cycles, lifetime average battery life, and estimated battery capacity.
Shutdown
As of Windows 8/8.1 there is now a shutdown command that – you guessed it! – shuts down your computer. This is of course redundant with the already easily accessed shutdown button, but what’s not redundant is the “shutdown /r /o” command, which restarts your PC and launches the Advanced Start Options menu, which is where you can access Safe Mode and Windows recovery utilities. This is useful if you want to restart your computer for troubleshooting purposes.
System File Checker
System File Checker is an automatic scan and repair tool that focuses on Windows system files. You will need to run the command prompt with administrator privileges and enter the command “sfc /scannow”. If any corrupt or missing files are found, they’ll be automatically replaced using cached copies kept by Windows for just that purpose. The command can require a half-hour to run on older notebooks.
Recovery Image
Virtually all Windows 8/8.1 computers ship from the factory with a recovery image, but the image may include bloatware you’d rather not have re-installed. Once you’ve un-installed the software you can create a new image using the “recimg” command. Entering this command presents a very detailed explanation of how to use it. You must have administrator privileges to use the recimg command, and you can only access the custom recovery image you create via the Windows 8 “refresh” feature.
Tasklist
The “tasklist” command can be used to provide a current list of all tasks running on your PC. Though somewhat redundant with Task Manager, the command may sometimes find tasks hidden from view in that utility.
There’s also a wide range of modifiers. “Tasklist -svc” shows services related to each task, “tasklist -v” can be used to obtain more detail on each task, and “tasklist -m” can be used to locate .dll files associated with active tasks. These commands are useful for advanced troubleshooting.
Taskkill
Tasks that appear in the “tasklist” command will have an executable and process ID (a four-digit number) associated with them. You can force stop a program using “taskkill -im” followed by the executable’s name, or “taskkill -pid” followed by the process ID. Again, this is a bit redundant with Task Manager, but may be used to kill otherwise unresponsive or hidden programs.
Conclusion
This article doesn’t cover every Windows command available. There are literally hundreds of them when all variables are included. Most, however, are no longer useful because they’ve been replaced by more convenient menus in the Windows GUI or simply aren’t commonly used (telnet, for example).
You can check out our Windows command cheat sheet for an expanded list ordownload Microsoft’s command line reference guide for advanced support and troubleshooting.
Which commands do you find yourself using frequently?
hackers academy 