XP - CMD COMMANDS

XP commands

ADDUSERS Add or list users to/from a CSV file ARP Address Resolution Protocol ~ ASSOC Change file extension associations ASSOCIAT One step file association AT Schedule a command to run at a later time ATTRIB Change file attributes b BOOTCFG Edit Windows boot settings BROWSTAT Get domain, browser and PDC info c CACLS Change file permissions ~ CALL Call one batch program from another ~ CD Change Directory - move to a specific Folder CHANGE Change Terminal Server Session properties CHKDSK Check Disk - check and repair disk problems CHKNTFS Check the NTFS file system CHOICE Accept keyboard input to a batch file CIPHER Encrypt or Decrypt files/folders CleanMgr Automated cleanup of Temp files, recycle bin CLEARMEM Clear memory leaks CLIP Copy STDIN to the Windows clipboard. ~ CLS Clear the screen CLUSTER Windows Clustering CMD Start a new CMD shell ~ COLOR Change colors of the CMD window COMP Compare the contents of two files or sets of files COMPACT Compress files or folders on an NTFS partition COMPRESS Compress individual files on an NTFS partition CON2PRT Connect or disconnect a Printer CONVERT Convert a FAT drive to NTFS. ~ COPY Copy one or more files to another location CSCcmd Client-side caching (Offline Files) CSVDE Import or Export Active Directory data d ~ DATE Display or set the date Dcomcnfg DCOM Configuration Utility DEFRAG Defragment hard drive ~ DEL Delete one or more files DELPROF Delete NT user profiles DELTREE Delete a folder and all subfolders DevCon Device Manager Command Line Utility ~ DIR Display a list of files and folders DIRUSE Display disk usage DISKCOMP Compare the contents of two floppy disks DISKCOPY Copy the contents of one floppy disk to another DISKPART Disk Administration DNSSTAT DNS Statistics DOSKEY Edit command line, recall commands, and create macros DSADD Add user (computer, group..) to active directory DSQUERY List items in active directory DSMOD Modify user (computer, group..) in active directory e ~ ECHO Display message on screen ~ ENDLOCAL End localisation of environment changes in a batch file ~ ERASE Delete one or more files ~ EXIT Quit the current script/routine and set an errorlevel. EXPAND Uncompress files EXTRACT Uncompress CAB files f FC Compare two files FIND Search for a text string in a file FINDSTR Search for strings in files ~ FOR /F Loop command: against a set of files ~ FOR /F Loop command: against the results of another command ~ FOR Loop command: all options Files, Directory, List FORFILES Batch process multiple files FORMAT Format a disk FREEDISK Check free disk space (in bytes) FSUTIL File and Volume utilities FTP File Transfer Protocol ~ FTYPE Display or modify file types used in file extension associations g GLOBAL Display membership of global groups ~ GOTO Direct a batch program to jump to a labelled line h HELP Online Help i ~ IF Conditionally perform a command IFMEMBER Is the current user in an NT Workgroup IPCONFIG Configure IP k KILL Remove a program from memory l LABEL Edit a disk label LOCAL Display membership of local groups LOGEVENT Write text to the NT event viewer. LOGOFF Log a user off LOGTIME Log the date and time in a file m MAPISEND Send email from the command line MBSAcli Baseline Security Analyzer. MEM Display memory usage ~ MD Create new folders MKLINK Create a symbolic link (linkd) MODE Configure a system device MORE Display output, one screen at a time MOUNTVOL Manage a volume mount point ~ MOVE Move files from one folder to another MOVEUSER Move a user from one domain to another MSG Send a message MSIEXEC Microsoft Windows Installer MSINFO Windows NT diagnostics MSTSC Terminal Server Connection (Remote Desktop Protocol) MUNGE Find and Replace text within file(s) MV Copy in-use files n NET Manage network resources NETDOM Domain Manager NETSH Configure network protocols NETSVC Command-line Service Controller NBTSTAT Display networking statistics (NetBIOS over TCP/IP) NETSTAT Display networking statistics (TCP/IP) NOW Display the current Date and Time NSLOOKUP Name server lookup NTBACKUP Backup folders to tape NTRIGHTS Edit user account rights p ~ PATH Display or set a search path for executable files PATHPING Trace route plus network latency and packet loss ~ PAUSE Suspend processing of a batch file and display a message PERMS Show permissions for a user PERFMON Performance Monitor PING Test a network connection ~ POPD Restore the previous value of the current directory saved by PUSHD PORTQRY Display the status of ports and services PRINT Print a text file PRNCNFG Display, configure or rename a printer PRNMNGR Add, delete, list printers set the default printer ~ PROMPT Change the command prompt PsExec Execute process remotely PsFile Show files opened remotely PsGetSid Display the SID of a computer or a user PsInfo List information about a system PsKill Kill processes by name or process ID PsList List detailed information about processes PsLoggedOn Who's logged on (locally or via resource sharing) PsLogList Event log records PsPasswd Change account password PsService View and control services PsShutdown Shutdown or reboot a computer PsSuspend Suspend processes ~ PUSHD Save and then change the current directory q QGREP Search file(s) for lines that match a given pattern. r RASDIAL Manage RAS connections RASPHONE Manage RAS connections RECOVER Recover a damaged file from a defective disk. REG Registry: Read, Set, Export, Delete keys and values REGEDIT Import or export registry settings REGSVR32 Register or unregister a DLL REGINI Change Registry Permissions ~ REM Record comments (remarks) in a batch file ~ REN Rename a file or files. REPLACE Replace or update one file with another ~ RD Delete folder(s) RMTSHARE Share a folder or a printer ROBOCOPY Robust File and Folder Copy ROUTE Manipulate network routing tables RUNAS Execute a program under a different user account RUNDLL32 Run a DLL command (add/remove print connections) s SC Service Control SCHTASKS Create or Edit Scheduled Tasks SCLIST Display NT Services ~ SET Display, set, or remove environment variables ~ SETLOCAL Control the visibility of environment variables SETX Set environment variables permanently SHARE List or edit a file share or print share ~ SHIFT Shift the position of replaceable parameters in a batch file SHORTCUT Create a windows shortcut (.LNK file) SHOWGRPS List the NT Workgroups a user has joined SHOWMBRS List the Users who are members of a Workgroup SHUTDOWN Shutdown the computer SLEEP Wait for x seconds SOON Schedule a command to run in the near future SORT Sort input ~ START Start a program or command in a separate window. SU Switch User SUBINACL Edit file and folder Permissions, Ownership and Domain SUBST Associate a path with a drive letter SYSTEMI NFO List system configuration t TASKLIST List running applications and services TASKKILL Remove a running process from memory ~ TIME Display or set the system time TIMEOUT Delay processing of a batch file ~ TITLE Set the window title for a CMD.EXE session TOUCH Change file timestamps TRACERT Trace route to a remote host TREE Graphical display of folder structure ~ TYPE Display the contents of a text file u USRSTAT List domain usernames and last login v ~ VER Display version information ~ VERIFY Verify that files have been saved ~ VOL Display a disk label w WHERE Locate and display files in a directory tree WHOAMI Output the current UserName and domain WINDIFF Compare the contents of two files or sets of files WINMSD Windows system diagnostics WINMSDP Windows system diagnostics II WMIC WMI Commands x XCACLS Change file permissions XCOPY Copy files and folders ~ :: Comment / Remark Commands marked ~ are Internal commands only available within the CMD shell, all other commands may be used under PowerShell. Many internal commands such as COPY and DEL are available under Powershell as cmdlets but with different syntax / options. Microsoft Help pages: Windows XP - 2003 Server - 2008 Server

Increase Broadband Speed Using Simple Tweak

Increase Broadband Speed Using Simple TweakA Simple Tweak (XP Pro only) which will increase your Broadband Speed.Make sure you Log on as Administrator, not as a user with Administrator privileges.Follow the steps as given below-
1) Click on Start Button.
2) Select Run From Start Menu.
3) Type gpedit.msc
4) Expand the [Administrative Templates] branch.
5) Then Expand the [Network] branch.
6) Highlight(Select by Single Click) [QoS Packet Scheduler]
7) Double-click [Limit Reservable Bandwidth] (Available in Right Side Panel)
8) Check(Select By Single Click on it) [Enabled]
9) Change [Bandwidth limit %] to 0 %
10) Click [OK] Button.
11) Restart Your PC.
12) Now Check Your Broadband Speed.

Vodafone Hack For Free GPRS

This method has been tested on different mobiles and has been confirmed to be working.Followng are the Settings you require to configure on your Mobile:
Account Name: Vodafone_gprs
Homepage: http://live.vodafone.in
User Name: (no need)
Pass: (no need)
Access Point Settings:-
Proxy: Enabled
Proxy Address: 10.10.1.100
Proxy Port: 9401
Data Bearer: PacketData
Bearer Settings:-
Packet Data Access Point: portalnmms
Network type: IPV4
Authentication: normal
User Name: (no need)
Password: (no need)*
IF that happen this settings is not working then change the proxy port number to:-
Proxy Port: 9401

How to cleanup hard disc

Deleting unwanted files from hard disc:
Dear friends this problem occurs only when you dont install files proprly in your system.It is difficult to delete those files which are not install proprly in your system.A simple procedure to delete or clean up unnecessary files form your system.Just follow the below steps to clean up your system.
Click on start>Go to accessories>System tools>and then click on Clean up.
In order to delete unnecessary files you have to do disc clean up.for this you have to follow the above steps.A small disc clean up tool is build internally in your system.Select c:\ drive to clean up and click on first tab as shown below "disc clean up".It deletes all unnecessary,hidden and unwanted files from your system.
Disc clean up to perform any of the following below tasks to free up disc space on your hard disc:
-Empty Recycle Bin.
-Remove Windows temporary files.
-Remove unnecessary downloaded files programs.such as c,java applets,active x etc.
-Remove installed programs which you never use.For example after playing any game completely better you uninstall it.Why because games occupy huge space.
-A few windows programs which are optional which you never use.Better you delete those kind of programs.
You can clean those kind of files by below method.
- Click Start and click Run.In that type "cleanmgr" and then click "OK".
In some cases disc clean up dosen't work properly.especially when INDEX.DAT file is corrupted.

C:\WINDOWS\Prefetch:
This folder contains regularly used programs.Without any problem you can delete those files completely.Your system will start quicker after deleting those files from your system.The files in prefetch folder will generate automatically as soon as you restart your system.

C:\I386\
C:\Windows\Driver Cache\I386\
C:\Windows\ServicePackFiles\I386\
If you really want to save your disc space then delete the above files immediately. 1386 folder contains all setup files.If your system is working proporly then there is no need of above files.You can delete them.I am not responsible if your system does not work properly after deleting those files. :-)..My best tool is Active Eraser which deletes all unwanted files completely from your system.
Active-Eraser software mainly consists of 4 components:
1)Secure File Eraser.
2)hard Disc Drive Eraser.
3)Disc Wiper.
4)Internet Trace Eraser and Local Activities Cleaner.
Prefer to use this tool before defragmentation.

The below temporary files which you can remove completely from your system.I can assure that your system will be safe after deleting the below files.
C:\Documents and Settings\your username\Local Settings\Temp
C:\Documents and Settings\Default User\Local Settings\Temp
C:\Documents and Settings\LocalService\Local Settings\Temp
C:\WINDOWS\TEMP
C:\Documents and Settings\your username\Local Settings\Temporary Internet Files
C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files
C:\Documents and Settings\your username\Local Settings\History
C:\Documents and Settings\Default User\Local Settings\History
C:\Documents and Settings\LocalService\Local Settings\History.

C:\PAGEFILE.SYS (Virtual memory) page files:
The page files are used only when your main memory has been used by running programs.For this more memory is needed.Page files are used temporary .So we can delete those files completely from our system.Disabling the pagefile is only a wise thing to do if the available memory exceeds 512 MB (the use of the pagefile depends on the demand for memory of the running applications). You can also move the pagefile to another (faster) partition (as suggested on the page Windows XP settings part I) to make a quicker system backup/recovery possible.

How to delete locked files:Some files cannot be delete by above procedures.Even by using Active-Eraser you cannot delete locked files.Because the file or folder is locked by specific process or method.You have to find which process is locking those files.After finding you have to stop the process.For this download Microsoft Process Explorer v11.4.The unique capabilities of Process Explorer make it useful for tracking down DLL-version problems or handle leaks, and provide insight into the way Windows and applications work.Another tool Unlocker which unlockes the file or folder from specific process and deletes those files.

Few disc cleaning softwares are shown below.
- Download Sreenit.exe.
- Download File Encryption.
- Download Disk Invistigator.
- Download Delete Doctor.

Latest tricks on internet explorer

Tricks on Internet Explorer (IE):

How to remove history in Internet Explorer (IE):
As soon as you type in address bar Internet explorer keeps tracks of each url and saves that url in Internet Explorer history.There is no necessary for typing again and again.If you are not interested to store all url's in history you may remove those url's.Well it is easy to delete history in Internet Explorer (IE).Any user that uses your computer can find out what information you are searching.So it is better to clear history in Internet Explorer.A simple registry modification is needed for clearing history.

• Click Start and go to Run.
• Type regedit in run.
• This command "regedit" redirects to
• HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Typed URLs. Now just delete all keys and list of url's that present in that folder.

Speed up Network Browsing:
Well it is so easy to increse the browsing by just deleting one file from regedit folder.There was a small problem in windows that causes scheduled tasks folder to be searched when ever the user would browse network drives..
Follow the procedure to speed network browsing:

• Click on start and go to run.
• Type regedit in run.

• Navigate to
• HKEY_LOCAL_MACHINE/Software/Microsoft/Windows/Current Version/Explorer/RemoteComputer/NameSpace
  

• find the key named
• {D6277990-4C6A-11CF-8D87-00AA0060F5BF}.

• Right click on that folder and delete it.
• Now restart your computer.

Note:Before attempting these steps backup your registry.

Allow more than 2 simultaneous downloads in IE 6:
Yes it is easy to keep more than 2 simultaneous downloads in IE(Internet Explorer).From the below steps you can keep 10 downloads at a time.

• Start registry editor (Regedt32.exe).
• Locate the registry key shown below
  
• HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings.
• now go to edit menu and click on add value.(a dword).Now add the following registry values shown below.
  

"MaxConnectionsPer1_0Server"=Dword:0000000a
"MaxConnectionsPerServer"=Dword:0000000a

• Now exit registry editor.
• restart your system.

How to lock computer XP:
press "L"key while holding down "Windows Logo" key on your keyboard.
this is the good way to lock your windows xp.If you would like to lock remotely,for example via "Remote Administrator",you don't have this ability. What you can do instead, is to create a shortcut on remote computer's desktop where Target
%windir%\System32\rundll32.exe user32.dll,LockWorkStation
Start In %windir%.

How to change Internet explorer (IE) title text?
Hmmm......It is a fairy trick to change IE title text in to our own words.Just follow the below steps to change Internet Explorer(IE) title text.
Open regdit navigate to this key as shown below:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
Just change the WINDOWS title to whatever you want on title bar of windows internet explorer.To have no title except the title of the web pages you are browsing do not enter anything for a value.

Preventing the spread of USB virus

Introduction

As the use of memory sticks has become more and more widespread, so malware has
began to use them as a way to spread from machine to machine. While this is a
problem for end users, the real danger is with IT professionals, who might use
the same USB stick in dozens of computers in a single day, will often be logged
in with administrative privileges, and will have access to important machines.
This paper is aimed at those professionals, and how they can mitigate the risk
of passing an infection onto other machines.



The Problem 

Malware uses two main techniques to spread through memory sticks. The first,
and less serious, is infecting executable files on the memory stick, so that
when they are run on another machine, the infection moves with them.

The more common, and more dangerous, is to spread via the `autorun.inf` file,
which Windows automatically executes when the drive is connected, meaning that
no user interaction is needed. Conficker has been getting a lot of attention
recently, and this was one of the methods it used to spread itself, but many
other malicious programs used the same technique.

It is possible to disable the autorun feature from Windows, but this requires
that the client machine has done this, which is not always the case, as most
users will not have the technical knowledge to do this.



The Solution 

Since we cannot rely on the computer to prevent the execution of the
autorun.inf file, we must do this from the memory stick. It is possible to buy
memory sticks with read-only switches, so that they can be locked to prevent
the computer writing to them, but this can cause problems, is easily forgotten,
and doesn't help once the memory stick has been infected.

However, if the memory stick is FAT32, which most are, with the exception of
some of the new 8GB+ drives, we can create a quick fix using a hex editor, and
a basic knowledge of the FAT32 directory table.

First, we create a blank `autorun.inf` file on the memory stick, then open up
the disk in a hex editor. It doesn't matter if you open the physical disk, or
the logical partition, but if the disk has more than one partition, it is
better to do the latter. Make sure that the disk is opened with read/write
permissions, and that you haven't got anything accessing it at the time. HxD
for Windows is a small, portable hex editor, if you don't already have one.



While this can be done to a disk with data on, it is safer to do it to a blank
one, just in case there is a problem. If not, make sure that you have a copy of
any data on the stick, if you don't, the you are liable to any loss of data
that might occur.

Next, run a search in the disk for the string `AUTORUN`, as a non-Unicode text
string. It should find it near the beginning of the disk. The area we are
interested in is as follows.

41 55 54 4F 52 55 4E 20 49 4E 46 20
A  U  T  O  R  U  N     I  N  F


The first 8 bytes are the filename (with a space at the end, because autorun is
only 7 characters), followed by a 3 bytes file extension (INF), followed by one
byte for the file attributes. It is this final byte that is relevant.

The current value of the byte (0x20) has just the archive bit set. What we want
to do, is to change this byte to 0x40, which sets the device bit, which is
never normally found on a disk. The block will now look like this.

41 55 54 4F 52 55 4E 20 49 4E 46 40
A  U  T  O  R  U  N     I  N  F  @

Once this has been saved to disk, ignoring any warning that this might corrupt
the disk, we then unmount and remount the volume. Now, when you browse to the
disk, the autorun.inf file can be seen, but it cannot be deleted, opened,
edited, overwritten, or have its attributes changed.

When this memory stick is connected to an infected machine, which will try to
create an autorun.inf file on it, it will fail with an error, (Cannot create
file), meaning that this memory stick cannot be infected, and thus cannot pass
an infection on to any other computers.



Conclusion

As stated before, this is not a guide aimed at end users, it is aimed at IT
professionals, or other power users, who will use the same USB stick on
multiple computers on a day to day basis.

Should this technique become widely used, we will almost certainly see malware
that can bypass it, but until that happens, it can provide a simple but
effective defense against USB spreading malware.

Delete files that are undeletable

Open a Command Prompt window and leave it open. Close all open programs. Click Start, Run and enter TASKMGR.EXE Go to the Processes tab and End Process on Explorer.exe. Leave Task Manager open. Go back to the Command Prompt window and change to the directory the AVI (or other undeletable file) is located in. At the command prompt type DEL where is the file you wish to delete. Go back to Task Manager, click File, New Task and enter EXPLORER.EXE to restart the GUI shell. Close Task Manager.