Microsoft has slowly pushed aside CMD commands in the Windows interface. This is not without reason; it is an antiquated and mostly unnecessary tool from an era of text-based input. But many commands remain useful, and Windows 8 and 10 even added new features.
Here we present the essential commands every Windows user needs to know.
Windows Command Prompt Commands
Most files in Windows are associated with a specific program that is assigned to open the file by default. At times, remembering these associations can become confusing. You can remind yourself by entering the command “assoc” to display a full list of file name extensions and program associations.
You can also extend the command to change file associations. For example, “assoc .txt=” will change the file association for text files to whatever program you enter after the equal sign. The “Assoc” command itself will reveal both the extension names and program names, which will help you properly use this command. You can probably do this more easily in the GUI, but the command line interface is a perfectly functional alternative.
Deleting files on a mechanical hard drive doesn’t really delete them at all. Instead, it marks the files as no longer accessible and the space they took up as free. The files remain recoverable until the system overwrites them with new data, which can take some time.
The cipher command, however, wipes a directory by writing random data to it. To wipe your C drive, for example, you’d use the command “cipher /w:c”, which will wipe free space on the drive. The command does not overwrite undeleted data, so you will not wipe out files you need by running this command.
You can use a host of other cipher commands, however, they are generally redundant with BitLocker enabled versions of Windows.
You can use this command to identify differences in text between two files. It’s particularly useful for writers and programmers trying to find small changes between two versions of a file. Simply type “fc” and then the directory path and file name of the two files you want to compare.
You can also extend the command in several ways. Typing “/b” compares only binary output, “/c” disregards the case of text in the comparison, and “/l” only compares ASCII text.
So, for example, you could use the following:
fc /l "C:\Program Files (x86)\example1.doc" "C:\Program Files (x86)\example2.doc"
The above command compares ASCII text in two word documents.
This command relays the IP address that your computer is currently using. However, if you’re behind a router (like most computers today), you’ll instead receive the local network address of the router.
Still, ipconfig is useful because of its extensions. “ipconfig /release” followed by “ipconfig /renew” can force your Windows PC into asking for a new IP address, which is useful if your computer claims one isn’t available. You can also use “ipconfig /flushdns” to refresh your DNS address. These commands are great if the Windows network troubleshooter chokes, which does happen on occasion.
Entering the command “netstat -an” will provide you with a list of currently open ports and related IP addresses. This command will also tell you what state the port is in – listening, established or closed.
This is a great command for when you’re trying to troubleshoot devices connected to your PC or when you fear a Trojan infected your system and you’re trying to locate a malicious connection.
Sometimes, you need to know whether or not packets are making it to a specific networked device. That’s where ping comes in handy.
Typing “ping” followed by an IP address or web domain will send a series of test packets to the specified address. If they arrive and are returned, you know the device is capable of communicating with your PC; if it fails, you know that there’s something blocking communication between the device and your computer. This can help you decide if the root of the issue is an improper configuration or a failure of network hardware.
This is a more advanced version of ping that’s useful if there are multiple routers between your PC and the device you’re testing. Like ping, you use this command by typing “pathping” followed by the IP address, but unlike ping, pathping also relays some information about the route the test packets take.
The “tracert” command is similar to pathping. Once again, type “tracert” followed by the IP address or domain you’d like to trace. You’ll receive information about each step in the route between your PC and the target. Unlike pathping, however, tracert also tracks how much time (in milliseconds) each hop between servers or devices takes.
Powercfg is a very powerful command for managing and tracking how your computer uses energy. You can use the command “powercfg hibernate on” and “powercfg hibernate off” to manage hibernation, and you can also use the command “powercfg /a” to view the power-saving states currently available on your PC.
Another useful command is “powercfg /devicequery s1_supported”, which displays a list of devices on your computer that support connected standby. When enabled, you can use these devices to bring your computer out of standby — even remotely. You can enable this by selecting the device in Device Manager, opening its properties, going to the Power Management tab and then checking the Allow this device to wake the computer box.
“Powercfg /lastwake” will show you what device last woke your PC from a sleep state. You can use this command to troubleshoot your PC if it seems to wake from sleep at random.
You can use the “powercfg /energy” command to build a detailed power consumption report for your PC. The report saves to the directory indicated after the command finishes. This report will let you know of any system faults that might increase power consumption, like devices blocking certain sleep modes, or poorly configured to respond to your power management settings.
Windows 8 added “powercfg /batteryreport”, which provides a detailed analysis of battery use, if applicable. Normally output to your Windows user directory, the report provides details about the time and length of charge and discharge cycles, lifetime average battery life, and estimated battery capacity.
This is, of course, redundant with the already easily accessed shutdown button, but what’s not redundant is the “shutdown /r /o” command, which restarts your PC and launches the Advanced Start Options menu, which is where you can access Safe Mode and Windows recovery utilities. This is useful if you want to restart your computer for troubleshooting purposes.
This command will give you a detailed configuration overview of your computer. The list covers your operating system and hardware. For example, you can look up the original Windows installation date, the last boot time, your BIOS version, total and available memory, installed hotfixes, network card configurations, and more.
Use “systeminfo /s” followed by the host name of a computer on your local network, to remotely grab the information for that system. This may require additional syntax elements for the domain, user name, and password, like this: “systeminfo /s [host_name] /u [domain]\[user_name] /p [user_password]”
You will need to run the command prompt with administrator privileges and enter the command “sfc /scannow”. If SFC finds any corrupt or missing files, it will automatically replace them using cached copies kept by Windows for this purpose alone. The command can require a half-hour to run on older notebooks.
You can use the “tasklist” command to provide a current list of all tasks running on your PC. Though somewhat redundant with Task Manager, the command may sometimes find tasks hidden from view in that utility.
There’s also a wide range of modifiers. “Tasklist -svc” shows services related to each task, use “tasklist -v” to obtain more detail on each task, and “tasklist -m” will locate .dll files associated with active tasks. These commands are useful for advanced troubleshooting.
Tasks that appear in the “tasklist” command will have an executable and process ID (a four- or five-digit number) associated with them. You can force stop a program using “taskkill -im” followed by the executable’s name, or “taskkill -pid” followed by the process ID. Again, this is a bit redundant with Task Manager, but you can use it to kill otherwise unresponsive or hidden programs.
Windows 8 Only: Recovery Image
Virtually all Windows 8/8.1 computers ship from the factory with a recovery image, but the image may include bloatware you’d rather not have re-installed. Once you’ve un-installed the software you can create a new image using the “recimg” command. Entering this command presents a very detailed explanation of how to use it.
You must have administrator privileges to use the “recimg” command, and you can only access the custom recovery image you create via the Windows 8 “refresh” feature.
CMD Commands Recommended by Readers
These are the commands our readers use regularly:
- nbstat: “For looking up names of computers on your network.” (Vferg)
- netstat -ano | find “est”: “To get a list of processes with established CP connections.” (Eric)
- tasklist | find “[process id]”: “To get the name of the executable associated with the particular process id that I’m interested in.” (Eric)
- cacls: This command is “most handy to manually access hidden files and folder. (A41202813)
- net use: “To map drives of networked CNC machines.” (Jimbo)
- chkdsk /f C: “Checks your C: partition hard disk for errors and fixes bad sectors.” (Kai M)
- Schtasks: To schedule tasks. (Teddy)
Command and Conquer Your Windows PC
This article can only give you a taste of what’s hidden within the Windows command line. When including all variables, there are literally hundreds of commands. Download Microsoft’s command line reference guide (in Edge or Internet Explorer) for advanced support and troubleshooting.