Back

15 CMD Commands Every Windows User Should Know

Microsoft has slowly but surely pushed the line.

10 Windows Command Line Tips You Should Check Out

Drag and drop files for a full path

Tired of typing the long pathnames for files/folders buried deep inside a folder tree? Just drag and drop the file onto the command prompt window and you will get the full path and filename reveal to you.

Copy and paste from/to the command line

Click on the icon in the title bar and choose Edit > Mark. Now, drag over the area you want to copy, hit Enter and the text is copied to the clipboard. Similarly, you can click on the icon in the title bar and choose Paste to paste the text you already have on the clipboard. You can also do this by right-clicking inside the command prompt window

Hit F7 for command line history

Hit F7 and you will get a complete list of commands that you executed. Use the arrow keys to highlight the command you want to run again or just hit the number key corresponding to the command that you want to execute.

History keys

Use F1 to paste the previous command one character at a time, F2 (followed by a number) to paste the previous command up to the said number and F3 to paste the previous command.

Run multiple commands You can run multiple command by separating them with &&. Note that this doesn’t run the commands simultaneously. Instead, the command towards the left is run first and if it completes successfully then the second command will run. If the first command fails, then the second command will not run

Go fullscreen

Hit Alt+Enter and now you have the entire screen to enter your commands and view the output. Sadly,. this doesn’t work as expected in Vista and you might have to do some additional tinkering.

Change window size

So you thought you knew the previous one? How would you change the size of the window? Use the mode command. Use mode , to change the size of the window. For example, mode 100, 50 will make the window 100 characters wide and 50 lines high

Get help

Linux users turn to the man command when in doubt, while Windows users don’t have complete manuals to refer. All is not lost. You can get some help for most commands by using command /? or command –help. You can also use the help command to see a list of available commands (although the list is far from extensive).

Filter command output

If you are only interested in part of command output and don’t want to spend time scanning the entire output, you can pass the output over to the find command. eg use tasklist | find “firefox” to only list the entry for Firefox if it is running.

Sleep or pause for some time

If you have ever written a batch file and wanted to wait for a period of time before you start executing the next command, you might have been amazed to find the “sleep” command missing. You can however hack yourself a sleep command using ping! Use ping -n 5 127.0.0.1 > NUL 2>&1 to wait for 5 seconds. Be warned that the timing would not be exact so don’t just bet your life on it. aside in the Windows interface. This is not without reason, as it’s an antiquated and mostly unnecessary tool from an era of text-based input that has long passed.

But there still are some commands that remain useful, and Windows 8 even added new features. Here are the commands every Windows user needs to know.

In case you’re not sure how to access the command prompt, forgot basic commands, or would like to know how to see a list of  switches for each command, you can refer to our At TOP of page is beginners guide to the Windows command line for instructions.

ASSOC

assoccmd2

Most files in Windows are associated with a specific program that is assigned to open the file by default. At times, remembering these associations can become confusing. You can remind yourself by entering the command “assoc” to display a full list of file extensions and the programs they’re connected with.

You can also extend the command to change file associations. For example, “assoc .txt=” will change the file association for text files to whatever program you enter after the equal sign. The ASSOC command itself will reveal both the extension names and program names, which will help you properly use this command. You can probably do this more easily in the GUI, but the command line interface is a perfectly functional alternative.

Cipher

Deleting files on a mechanical hard drive  "How to securely delete your files" doesn’t really delete them at all. Instead, it marks the files as no longer accessible and the space they took up as free. The files remain recoverable until they’re overwritten with new data, which can take some time.

"5 Windows 7 Features You Didn't Know Existed">The cipher command, however, can be used to wipe a directory by writing random data to it. To wipe your C drive, for example, you’d use the command “cipher /w:c”, which will wipe free space on the drive. The command does not overwrite undeleted data, so you will not wipe out files you need by running this command.

There’s also a host of other cipher commands, however, they are generally redundant with Bitlocker enabled versions of Windows.

Driverquery

Drivers remain among the most important software installed on a PC. Improperly configured or missing drivers can cause all sorts of trouble, so its good to have access to a list of what’s on your PC. That’s exactly what the “driverquery” command does. You can extend it to “driverquery -v” to obtain more information including the directory in which the driver is installed.

File Compare

This command can be used to identify differences in text between two files, and is particularly useful for writers and programmers trying to find small changes between two versions of a file. Simply type “fc” and then the directory path and file name of the two files you want to compare.

You can also extend the command in several ways. Typing “/b” compares only binary output, “/c” disregards the case of text in the comparison, and “/l” only compares ASCII text.

So, for example, you could use the following:

fc /l "C:\Program Files (x86)\example1.doc" "C:\Program Files (x86)\example2.doc"

to compare ASCII text in two word documents.

Ipconfig

This command relays the IP address that your computer is currently using. However, if you’re behind a router (like most computers today), you’ll instead receive the local network address of the router.

Still, ipconfig is useful because of its extensions. “ipconfig /release” followed by “ipconfig /renew” can force your Windows PC into asking for a new IP address, which is useful if your computer claims one isn’t available. You can also use “ipconfig /flushdns” to refresh your DNS address. These commands are great if the Windows network troubleshooter chokes, which does happen on occasion.

Netstat

Entering the command “netstat -an” will provide you with a list of currently open ports and related IP addresses. You’ll also be told what state the port is in – listening, established or closed. This is a great command if you’re trying to troubleshoot the devices your PC is connected to or you’re afraid you’re infected with a Trojan and are trying to locate a malicious connection.

Ping

Sometimes, you need to know whether or not packets are making it to a specific networked device. That’s where ping comes in handy. Typing “ping” followed by an IP address or web domain will send a series of test packets to the specified address. If they arrive and are returned, you know the device is capable of communicating with your PC; if it fails, you know that there’s something blocking communication between the device and your computer. This can help you decide if an issue is caused by improper configuration or a failure of network hardware.

Pathping

This is a more advanced version of ping that’s useful if there are multiple routers between your PC and the device you’re testing. Like ping, you use this command by typing “pathping” followed by the IP address, but unlike ping, pathping also relays some information about the route the test packets take.

Tracert

The “tracert” command is similar to pathping. Once again, type “tracert” followed by the IP address or domain you’d like to trace. You’ll receive information about each step in the route between your PC and the target. Unlike pathping, however, tracert also tracks how much time (in milliseconds) each hop between servers or devices takes.

Powercfg

Powercfg is a very powerful command for managing and tracking how your computer uses energy. You can use the command “powercfg /hibernate on” and “powercfg /hibernate off” to manage hibernation, and you can also use the command “powercfg /a” to view the power-saving states currently available on your PC.

Another useful command is “powercfg /devicequery s1_supported” which displays a list of devices on your computer that support connected standby. When enabled, these devices can be used to bring your computer out of standby – even remotely. You can enable this by selecting the device in Device Manager, opening its properties, going to the Power Management tab and then checking the “Allow this device to wake the computer” box.

“Powercfg /lastwake” will show you what device last woke your PC from a sleep state. You can use this command to troubleshoot your PC if it seems to wake from sleep at random.

The “powercfg /energy” command can be used to build a detailed power consumption report for your PC, which is output to a directory indicated after the command finishes. This report will let you know of any system faults that might increase power consumption, like devices that are blocking certain sleep modes, or which aren’t properly configured to respond to your power management settings.

Windows 8 added “powercfg /batteryreport”, which provides a detailed analysis of battery use, if applicable. Normally output to your Windows user directory, the report provides details about the time and length of charge and discharge cycles, lifetime average battery life, and estimated battery capacity.

Shutdown

As of Windows 8/8.1 there is now a shutdown command that – you guessed it! – shuts down your computer. This is of course redundant with the already easily accessed shutdown button, but what’s not redundant is the “shutdown /r /o” command, which restarts your PC and launches the Advanced Start Options menu, which is where you can access Safe Mode and Windows recovery utilities. This is useful if you want to restart your computer for troubleshooting purposes.

System File Checker

System File Checker is an automatic scan and repair tool that focuses on Windows system files. You will need to run the command prompt with administrator privileges and enter the command “sfc /scannow”. If any corrupt or missing files are found, they’ll be automatically replaced using cached copies kept by Windows for just that purpose. The command can require a half-hour to run on older notebooks.

Recovery Image

Virtually all Windows 8/8.1 computers ship from the factory with a recovery image, but the image may include bloatware you’d rather not have re-installed. Once you’ve un-installed the software you can create a new image using the “recimg” command. Entering this command presents a very detailed explanation of how to use it. You must have administrator privileges to use the recimg command, and you can only access the custom recovery image you create via the Windows 8 “refresh” feature.

Tasklist

The “tasklist” command can be used to provide a current list of all tasks running on your PC. Though somewhat redundant with How to properly use Windows Task Manager Task Manager, the command may sometimes find tasks hidden from view in that utility.

There’s also a wide range of modifiers. “Tasklist -svc” shows services related to each task, “tasklist -v” can be used to obtain more detail on each task, and “tasklist -m” can be used to locate .dll files associated with active tasks. These commands are useful for advanced troubleshooting.

Taskkill

Tasks that appear in the “tasklist” command will have an executable and process ID (a four-digit number) associated with them. You can force stop a program using “taskkill -im” followed by the executable’s name, or “taskkill -pid” followed by the process ID. Again, this is a bit redundant with Task Manager, but may be used to kill otherwise unresponsive or hidden programs.

How To Securely Delete Files From Your HDD Or SSD In Windows

When you hit the delete button, where does that file go? Does it just evaporate and leave a blank space on your drive? If you’ve been around computers long enough, you know that’s not what happens. But if you’re mostly an email and Facebook type of computer user, you might not know, or not even thought about it. You should think about it though, for a couple reasons. The first reason is so that you know you might be able to recover an accidentally deleted file. The second reason is so you know that, if you can recover a file you deleted, so can someone else.

What Happens To A File When It is Deleted

Hard Disk Drives (HDDs)

When you delete a file it goes to the Recycle Bin. That gives you a chance to recover it in case you accidentally deleted it and need it back. But what happens when you delete it from the Recycle Bin? Actually, not much at all. The file doesn’t move or go anywhere. In fact, when you moved it to the Recycle Bin, it didn’t physically move there either. All that happened was an index got updated to say that the file is in the Recycle Bin, not the Documents folder. The index is called the Master File Table (MFT) for Hard Disk Drives. It looks like this. The left-most column are the block addresses. The middle column shows data in hex code. the right column shows what that data would like as plain text.

When the file is ‘deleted’ the information stays on the drive, but the MFT is changed to say, “Hey, you know that spot where Secret-File.txt was? Yeah, Computer, you can now put data there if you want. We don’t need it anymore.” Until the computer puts data in that spot, the Secret-File.txt data remains. It could be minutes, days, weeks, or months until that data is overwritten. Kind of like a condemned house sitting on a lot. It’s not usable, but it’s still there until the bulldozer comes and they build something else. Here’s an example. The left column shows red Xs for MFT locations that have been set to be overwritten, the one with the page icon is marked to stay. The right column shows the data that is still in that location, even though you can’t find it with Windows Explorer. See the problem with ordinary deletes now?

Solid State Drives (SSDs)

It’s not exactly the same for Solid State Drives. SSDs are always shifting files around, randomly. So, figuratively speaking, if you deleted a file from location 2871, the deleted info may, sooner or later, get moved off to another random location, until at some point in time the SSD decides to finally overwrite that file. How do you target the old file for secure deletion on an SSD, then? Well, you can’t really. A group of engineers at the University of California studied how difficult it is to erase data from an SSD. Trying to securely erase a single file left behind anywhere from 4 to 75% of the information. And it’s tough on the drive. What you can do is make sure you encrypt your SSD, and make sure that you’ve got an SSD drive with TRIM capability.

This isn’t a problem for most people, but you might be concerned that people could still access that deleted information. Maybe you handle sensitive medical documents, or you’re an international art thief, or just a little paranoid like me. How do you securely get rid of that data, immediately and forever?

What is ‘Secure’?

Before we get into the nuts and bolts of secure data deletion, we need to look at what secure means. Secure means whatever you think it means. If you’re happy with the level of security you have, then it’s secure. If the data you don’t want recovered isn’t life threatening, then the measures you take to delete it don’t need to be as severe as deleting the security codes for the last sample of smallpox off the CDC’s servers. Let’s take a look at the methods in order of least secure to most secure. Until we get to entire drive deletion, these methods will only apply to traditional HDDs.

Least Secure Method

Simply delete the file in your Windows Explorer and empty the Recycle Bin. Unless you think someone is going to come along with data recovery software and look for that file in the next week or so, that will probably be secure enough. Examples of information like this could be anything from a silly animated GIF to a letter to your Nan. You really should write to her. She misses you, you know.

Mildly Secure Method (HDD Only)

As we talked about, overwriting data is a pretty good way to obscure the old data. You can do this on a file by file basis with programs that are commonly referred to as file shredders. Although the interfaces for these utilities can differ, the method of operation is essentially the same – delete the old file, then write zeroes to the places on the HDD where the file used to be. These tools are only mildly secure, because you have to make sure you use them when you need them. If you want to securely delete a file with your Social Security Number on it, but forget to use the shredder, that info will still be sitting on your drive for awhile.

Examples of use for this method is where the person occasionally deals with sensitive information that pertains only to them. It might be the odd copy of a tax return, or a bank statement that you want to delete. That’s where file shredders are most handy.

Moderately Secure Method (HDD Only)

A more moderately secure method to delete information from your drives is to use software that allows you to wipe free space on your drives. CCleaner is a favourite for this task. When you choose the Wipe Free Space option, it writes zeroes to the blocks where files used to be. The difference between this and the shredders is that wiping free space takes care of ALL deleted files. It’s just that little bit more thorough. The catch is that this method takes a fair bit of time and should be scheduled or you’ll forget to do it frequently enough.

Examples of good uses for this are for people who frequently delete files that are quite sensitive. Maybe they are heavy online bankers or do some online trading. Perhaps they have just backed up their important info to an encrypted external drive and don’t need it on the computer anymore.

Most Secure Method (HDD & SSD)

The most secure methods are really for deleting the entire contents of a drive. Yet again, because of the differences between HDDs and SSDs, the same methods don’t apply to both. Chose the appropriate one for your drive and situation. Examples where you’d want to go to this level include switching to a new computer which will have the info, but you’re keeping, selling, or disposing of the old computer. Perhaps you are re-purposing a computer from an information-sensitive use to a more day-to-day use.

HDD – Formatting

Formatting is a catch-all term for a few different things. It can mean simply deleting the MFT so it appears like all the data is gone, but it isn’t. It’s still there and intact until overwritten. Or, it can mean true formatting, known as low-level formatting, which overwrites all the data with zeroes. You can’t low-level format your entire hard drive from within Windows. You’ll need a formatting utility that you can boot your computer into, like Darik’s Boot and Nuke.

You might be tempted to choose one of the hardcore multipass methods, but that’s probably going to be overkill. Especially if you want it done quick and don’t want to shorten the life of your hard drive. The RCMP TSSIT OPS-II or DoD Short methods are sufficient. RCMP is the Royal Canadian Mounted Police and the DoD is the British Department of Defence. Good enough for them should be good enough for you.

SSD – Manufacturer’s Utility

Most SSD manufacturers have a utility for managing and securely erasing their SSDs. Tim Brookes was kind enough to compile a list of links for the top manufacturers in his article, How To Securely Erase Your SSD Without Destroying It.

Download: Intel Solid State Toolbox / OCZ Toolbox / Corsair SSD Toolbox / Samsung Magician / SanDisk SSD Toolkit

Paranoid Method (HDD and SSD)

The National Institute of Science and Technology has a policy to deal with the destruction of extremely sensitive data. It’s even more aggressive than what the RCMP or DoD use, so it will destroy your data to the point where not even Sherlock Holmes riding on Hercule Poirot’s back with Frank Columbo leading them around would get anything out of it. Disintergrate. Shred. Pulverize. Incinerate.

That’s not hyperbole, that’s NIST’s actual standard. Oh, and to meet the grade you have to find a NIST licensed incinerator to do the job. That job in the picture above wouldn’t be good enough.

What Will You Do?

You’ve got the knowledge and some resources now. It’s up to you what you will do with them. However, if you’re not already using several techniques to keep your information safe from prying eyes, secure deletion shouldn’t be your first concern. If someone already has your info, it doesn’t matter how you delete your copy. What method do you use to delete files securely? Are you happy with it? Ever not been able to delete a file?
Go to top