[ About | Licence | Contacts ]
Written by Oleksandr Gavenko (AKA gavenkoa), compiled on 2017-01-30 from rev ccaa2f364422+.

Windows OS.

Determining windows version.

Run winver.exe: <Win> + R winver <RET>.

Or type: <Win> + <Break>.

Under cmd.exe use built-in command ver.

For Win 2000 and upper check registry key:

cmd> reg query "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion" /v CurrentVersion

To check 32/64-bit OS use PROCESSOR_ARCHITECTURE env var (it has such values: x86, AMD64, IA64).

Full info about Windows edition available from this .vbs:

cmd> slmgr -dli

Windows history.

A history of Windows

Windows update.

To find updates and drivers visit (подлинность Windows not checked):


You can search driver by keywords from Device Manager like:

VEN_10DE DEV_0247
VID_22B8 PID_2A62

After obtaining .cab file for driver unpack files:

cmd> expand FILE.cab -F:* c:\tmp\dir

and use that directory in "Update driver" dialog.

Also you can find updates on:


Updates that reset pirate copy of Windows: КВ971033.

List of installed updates:

cmd> wmic qfe
Microsoft Update Catalog FAQ
How to download updates that include drivers and hotfixes from the Windows Update Catalog.

Check system files integrity.

cmd> sfc /Scannow

To complete repair you may need original installation CD (you can mount it from .iso image for example with DemonTools). Look to c:/Windows/Logs/CBS/CBS.log for errors and warnings.

Works starting from Windows 2000.


Repair boot.

If you only damage boot sector of master or system partition boot from Windows XP installation CD, enter to recovery console and run:

cmd> fixboot
cmd> fixmbr


Automatically connect to shared resource.

Add to autorun such .bat file:

net use x: \\server\share /user:username password


Activate Windows.

Activate Windows from command line:

cmd> slmgr -ipk YGR45-THIS9-WONT5–0WORK-D7667

Reset the evaluation period/licensing status and activation state of the machine:

cmd> slmgr -rearm

Check activation:

cmd> slmgr /xpr


Windows Product Key Update Tool Instructions

Activate Windows XP.

Replace %WINDIR%/system32/winlogon.exe with valid in Safe Mode and run Windows Product Key Update Tool.

Windows images.

Windows XP Service Pack 3 - ISO-9660 CD Image File

hosts file.

Edit %windir%/system32/Drivers/etc/hosts. Under Windows 7/8/10 you need to run editor with "Run as administrator".

Access to Samba from Vista/7.

By default, you cannot authenticate and share files to and from Mac OS X or Linux Samba due to a well known authentication method turned off by default. To enable this,

Only for Windows Vista Ultimate/Business/Enterprise Editions.

Goto Start->Run and open gpedit.msc or secpol.msc

Select Continue on the User Account Control prompt. This will launch the Group Policy Object Editor for the Local Computer Policy.

In the Group Policy Object Editor, expand:

-> Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options

Open the "Network security: LAN Manager authentication level" policy and change the Security Setting to:

Send LM & NTLM - use NTLMv2 session security if negotiated

Windows Vista Home Edition.

Since Windows Vista Home Edition does not feature the Group Policy Editor, you may do the following to enable this feature:

Goto Start->Run-> and type regedit.

Select Continue on the User Account Control prompt.

Navigate to HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsa

Create the following DWORD value (if it doesn't exist): LmCompatibilityLevel

And set its value to: 1

Map dir to disk.

To create:

cmd> subst [to-disk: [from-disk:]path]

To remove:

cmd> subst disk: /d

Standard scripts.

compmgmt.msc - Computer management devmgmt.msc - Device manager diskmgmt.msc - Disk management dfrg.msc - Disk defrag eventvwr.msc - Event viewer fsmgmt.msc - Shared folders gpedit.msc - Group policies lusrmgr.msc - Local users and groups perfmon.msc - Performance monitor rsop.msc - Resultant set of policies secpol.msc - Local security settings services.msc - Various Services msconfig - System Configuration Utility regedit - Registry Editor msinfo32 - System Information sysedit - System Configuration Editor win.ini - windows loading information(also system.ini) winver - Shows current version of windows mailto: - Opens default email client command - Opens command prompt

appwiz.cpl - Add & Remove Programs timedate.cpl - Date/Time Properties desk.cpl - Display Properties inetcpl.cpl - Internet Options mmsys.cpl - Sound Settings sysdm.cpl - System Properties password.cpl - Password Options main.cpl - Mouse and Keyboard Options control fonts - Fonts Folder control printers Printers Folder

'.cpl' scripts can be run from command line as:

cmd> Rundll32 Shell32.dll,Control_RunDLL cmd> Rundll32 Shell32.dll,Control_RunDLL Mmsys.cpl,,0


Max path length.

260 chars. Use MAX_PATH macros from 'windows.h'.

Allowed characters.

Not allowed:
  • characters from 0 to 31

  • < (less than)

  • > (greater than)

  • : (colon)

  • " (double quote)

  • / (forward slash)

  • (backslash)

  • (vertical bar or pipe)
  • ? (question mark)

    • (asterisk)
Naming Files, Paths, and Namespaces


Boot Parameters to Configure DEP and PAE


All 32-bit Windows XP support only 4 GiB RAM. To enable PAE (Physical Address Extension) edit 'c:boot.ini', add option '/pae':

multi(0)disk(0)rdisk(0)partition(1)WINDOWS="MS Windows XP Prof" /fastdetect /pae

/pae option
PAE support


NX (no execute) in Windows realised in Data Execution Prevention (DEP) technology.

On 64-bit processes, DEP is enabled by default and cannot be disabled. For 32-bit Windows DEP is supported in Windows Server 2003 with SP1, Windows XP with SP2, Windows Vista, and later versions of Windows.

To enable NX on 32-bit Windows edit 'c:boot.ini', add option '/noexecute=...' (alwayson/optout/optin/alwaysoff):

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="MS Windows XP Prof" /fastdetect /noexecute=alwayson

To see current DEP status run:

cmd> wmic OS Get DataExecutionPrevention_Available
cmd> wmic OS Get DataExecutionPrevention_SupportPolicy
cmd> wmic OS Get DataExecutionPrevention_Drivers

              /noexecute parameter
              How to determine that hardware DEP is available and configured on your computer

Windows ISO images.

Windows XP Service Pack 3 - ISO-9660 CD Image File

Life cycle.

Windows Service Pack Road Map
Windows Life-Cycle Policy
Life-Cycle Policy by product
Microsoft Product Lifecycle Search. Type product name into search box (like "Windows 95", "Windows XP", "Windows Server 2003", etc)!

NTFS junction points.

To craete use 'junction.exe' from Mark Russinovich or 'linkd.exe' from Microsoft Windows 2000 Resource Kit.

'junction.exe' included with Sysinternals suite.

cmd> md c:Program-Files cmd> junction c:Program-Files "c:Program Files"

Junction v1.05, Published: July 24, 2007
How to create and manipulate NTFS junction points
NTFS junction point

Microsoft Windows 2000 Resource Kit.

Windows 2000 Resource Kit Tools for administrative tasks separate tools downloads

Microsoft security tools.


Microsoft Baseline Security Analyzer 2.1.1 (for IT Professionals)
Enhanced Mitigation Evaluation Toolkit
Announcing the release of the Enhanced Mitigation Evaluation Toolkit (old version 1.0)


Enable/Disabling UAC.

To disable UAC on the computer, you must be able to log on with or provide the credentials of a member of the local Administrators group.

Starting with Windows 7, UAC is disabled by following these steps:

  1. On the Start menu, type "UAC" and then click Change User Account settings.
  2. Move the slide bar to the bottom (Never Notify) and then click OK.

On Windows Vista and Windows Server 2008, UAC is disabled by following these steps:

  1. Start Control Panel and double-click User Accounts.
  2. In the User Accounts tasks window, click Turn User Account Control on or off.
  3. Clear the Use User Account Control (UAC) to help protect your computer check box, and then click OK.
Turn User Account Control on or off

Fix file association.

Check current association:

$ cmd /c assoc | grep -i "^\.mp3"

Get list of all available commands:

$ cmd /c ftype
AIMP.mp3="C:\Program Files\AIMP2\AIMP2.exe" "%1"

and select one on them:

$ cmd /c assoc .mp3=AIMP.mp3

Clean up Windows system directories.

Run cleanmgr.exe.

You can safely remove SP restore files:


Also check such directories:

%SYSTEMDRIVE%\Program Files\Common Files
%SYSTEMDRIVE%\Documents and Settings\USER\Application Data
%SYSTEMDRIVE%\Documents and Settings\USER\Local Settings

              HOW TO: Remove the Service Pack Restore Files and Folders in
              Automating Disk Cleanup Tool in Windows

Schedule Tasks in Windows.

List registered of task.

$ schtasks /query

Create task.

$ schtasks /create /tn %TASK_NAME% /ru %ROOT% /sc daily /st 23:00:00 /tr "rundll32.exe user32.dll,LockWorkStation"

/sc can be one of:


Delete task.

schtasks /delete /tn %TASK_NAME% /f

Change NTFS permission.

The Icacls.exe utility is available for Windows Server 2003 with Service Pack 2

Change NTFS permission with 'icacls'.

'icacls' allow option:

  • /c - Continues the operation despite any file errors. Error messages will still be displayed.
  • /t - Performs the operation on all specified files in the current directory and its subdirectories.
  • /l - Performs the operation on a symbolic link versus its destination.
  • /q - Suppresses success messages.

Recursively change the owner of all matching files to the specified user:

cmd> icacls %dir% /setowner %user% /t /c

or simply:

cmd> takeown /r /f %file%

Recursively grand full access for everyone:

cmd> icacls %dir% /t /grant:r %user%:(f)
cmd> icacls %dir% /t /grant:r *S-1-1-0:(f)

Well-known security identifiers (SID).

Null SID. A group with no members. This is often used when a SID value is not known.
World/Everyone. A group that includes all users.
Creator Owner ID. A security identifier to be replaced by the security identifier of the user who created a new object. This SID is used in inheritable ACEs.
Creator Group ID. A security identifier to be replaced by the primary-group SID of the user who created a new object. Use this SID in inheritable ACEs.
Service. A group that includes all security principals that have logged on as a service. Membership is controlled by the operating system.
Anonymous. A group that includes all users that have logged on anonymously. Membership is controlled by the operating system.
Administrators group.
Users group.
Guests. By default, the only member is the Guest account. The Guests group allows occasional or one-time users to log on with limited privileges to a computer's built-in Guest account.
Power Users. Power users can create local users and groups; modify and delete accounts that they have created; and remove users from the Power Users, Users, and Guests groups. Power users also can install programs; create, manage, and delete local printers; and create and delete file shares.
Well-known SIDs
Хорошо известные идентификаторы безопасности в операционных системах Windows
Security Identifier

Converting SID to names and inside out.

Use 'PsGetSid' utility from Sysinternals:

cmd> PsGetSid S-1-3-0
cmd> PsGetSid "\NULL SID"

Gathering info about Windows.

cmd> systeminfo

From Win+R:

helpctr.exe -mode hcp://system/sysinfo/msinfo.xml

or by:

cmd> %SystemRoot%\pchealth\helpctr\binaries\helpctr.exe -mode hcp://system/sysinfo/msinfo.xml

Automatically logon to Windows.

cmd# control userpasswords2

Format drive.

Replace with own disk letter:

cmd# format E: /q /fs:ntfs


Formats the disk in the specified volume to accept Windows files.

Login/logout user scripts

%SystemRoot%\system32\GroupPolicy\User\Scripts\Logoff and %SystemRoot%\system32\GroupPolicy\User\Scripts\Logon.

Rebooting Windows

Для возможости перезагружать ОС без входа в систему:

"Параметры безопасности."->"Локальные политики."->"Параметры безопасности."
->"Завершение работы: разрешить..."->"Включить."

Данная политика доступна начиная с Windows 2000.

Настройка автоматического входа в систему.

Графический интерфейс операционной системы.

  1. Пуск -> Выполнить -> в поле Открыть напишите команду control userpasswords2 и нажмите OK. Откроется окно Учетные записи пользователей.
  2. Установите курсор на том имени пользователя для которого вы хотите настроить автоматический вход в Windows (это избавит от написания имени пользователя в следующем окне - оно будет подставлено автоматически) и снимите птичку с параметра "Требовать ввод имени пользователя и пароля", затем введите пароль учетной записи (если используется) и нажмите OK.

Редактирование реестра.

  1. Пуск -> Выполнить -> введите коману regedit и нажмите ОК.

  2. Найдите следующий раздел реестра:

  3. Дважды щелкните параметр DefaultUserName (если такого параметра нет, создайте Строковый параметр с этим именем), введите свое имя пользователя и нажмите кнопку OK.

  4. Дважды щелкните параметр DefaultPassword, введите в поле «Значение» свой пароль и нажмите кнопку OK.

  5. Дважды щелкните параметр AutoAdminLogon, введите в поле Значение число 1 и нажмите кнопку OK.


В случае если компьютер является членом домена перечисленные выше способы не будут работать, необходимо немного модифицировать второй способ прописав значения входа в домен:

В реестре в разделе:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

* параметру AutoAdminLogon установите значение 1
* параметру DefaultUserName установите значение равное имени пользователя для которого
  настраиваете автоматический вход в систему
* параметру DefaultDomainName установите значение равное имени домена для входа
* параметру DefaultPassword установите значение равное паролю пользователя для
  которого настраиваете автоматический вход в систему

Если какого-либо параметра нет, его нужно создать, для всех параметров тип Строковый (REG_SZ).

How to Exit Windows 98/Me Automatically Using a Batch File

You can use either of the following commands in a batch file to restart Windows 98/Me automatically: • runonce.exe -q • rundll32.exe shell32.dll,SHExitWindowsEx n where n is one, or a combination of, the following numbers:

  • 0 - LOGOFF
  • 1 - SHUTDOWN
  • 2 - REBOOT
  • 4 - FORCE
  • 8 - POWEROFF

The above options can be combined into one value to achieve different results. For example, to restart Windows forcefully, without querying any running programs, use the following command line:

rundll32.exe shell32.dll,SHExitWindowsEx 6