windows.rst
author Oleksandr Gavenko <gavenkoa@gmail.com>
Wed, 06 Apr 2011 14:49:06 +0300
changeset 869 ed4c418ca6f3
parent 752 8423422f0a57
child 870 7d666974cfa0
permissions -rw-r--r--
Windows services from command line.

-*- mode: outline; coding: utf-8; fill-column: 80 -*-

* Determining Windows version.

Run winver.exe: <Win> + R winver <RET>.

Or press: <Win> + <Break>.

Under cmd.exe use the built-in command ver.

For Windows 2000 and later, check the registry value:

  cmd> reg query "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion" /v CurrentVersion

To check whether the OS is 32-bit or 64-bit, use the PROCESSOR_ARCHITECTURE
environment variable (possible values: x86, AMD64, IA64).

* Windows update.

To find updates and drivers, visit (Windows authenticity is not checked):

  http://catalog.update.microsoft.com/

You can search for a driver by keywords from Device Manager, such as:

  VEN_10DE DEV_0247
  VID_22B8 PID_2A62

You can also find updates at:

  http://www.microsoft.com/downloads/ru-ru/default.aspx

* XP.

** Check system files integrity.

  cmd> sfc /Scannow

To complete the repair you may need the original installation CD (you can mount
it from an .iso image, for example with Daemon Tools).

Works for Windows 2000, Windows XP, Windows 2003.

See

  http://support.microsoft.com/kb/222471/
  http://support.microsoft.com/kb/310747/ru

** Repair boot.

If you damaged only the boot sector of the master or system partition, boot from
the Windows XP installation CD, enter the Recovery Console and run:

  cmd> fixboot
  cmd> fixmbr

See

  http://support.microsoft.com/kb/307654/ru

** Automatically connect to shared resource.

Add a .bat file like this to autorun:

  net use x: \\server\share /user:username password

See

  http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/net_use.mspx

* Activate Windows.

  http://www.microsoft.com/genuine/selfhelp/XPPkuinst.aspx?sGuid=bab9e103-6365-44dd-9337-93f0cd9dd4b7&displaylang=en
                Windows Product Key Update Tool Instructions

** Activate Windows XP.

In Safe Mode, replace %WINDIR%/system32/winlogon.exe with a valid copy, then run
the Windows Product Key Update Tool.

* Windows images.

  http://www.microsoft.com/downloads/en/details.aspx?FamilyID=2fcde6ce-b5fb-4488-8c50-fe22559d164e
                Windows XP Service Pack 3 - ISO-9660 CD Image File

* Vista

** Samba.

By default, you cannot authenticate and share files to and from Mac OS X or
Linux Samba, because a well-known authentication method is turned off by
default. To enable it:

*** Only for Windows Vista Ultimate/Business/Enterprise Editions.

Go to Start->Run and open gpedit.msc or secpol.msc.

Select Continue on the User Account Control prompt. This will launch the Group
Policy Object Editor for the Local Computer Policy.

In the Group Policy Object Editor, expand:

-> Computer Configuration
-> Windows Settings
-> Security Settings
-> Local Policies
-> Security Options

Open the "Network security: LAN Manager authentication level" policy and
change the Security Setting to:

Send LM & NTLM - use NTLMv2 session security if negotiated

*** Windows Vista Home Edition.

Since Windows Vista Home Edition does not feature the Group Policy Editor, you
may do the following to enable this feature:

Go to Start->Run and type regedit.

Select Continue on the User Account Control prompt.

Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa

Create the following DWORD value (if it doesn't exist): LmCompatibilityLevel

And set its value to: 1
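
Added example (not part of the original notes): a Python sketch that reads the
value back from 'reg query' output and reports which response types a client
sends at that level. The sample output is constructed, and the default of 3 for
a missing value is an assumption about Vista's behaviour when the value is unset.

```python
import re

# LmCompatibilityLevel values and the policy text shown for
# "Network security: LAN Manager authentication level".
LEVELS = {
    0: "Send LM & NTLM responses",
    1: "Send LM & NTLM - use NTLMv2 session security if negotiated",
    2: "Send NTLM response only",
    3: "Send NTLMv2 response only",
    4: "Send NTLMv2 response only. Refuse LM",
    5: "Send NTLMv2 response only. Refuse LM & NTLM",
}

VALUE_RE = re.compile(
    r"^\s*LmCompatibilityLevel\s+REG_DWORD\s+(0x[0-9a-f]+)\s*$",
    re.IGNORECASE | re.MULTILINE,
)

# Constructed sample of: reg query HKLM\...\Control\Lsa /v LmCompatibilityLevel
SAMPLE = r"""
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
    LmCompatibilityLevel    REG_DWORD    0x1
"""

def lm_level(reg_output, default=3):
    """Return the configured level, or `default` when the value is absent.

    default=3 is an assumption (Vista's behaviour with the value unset).
    """
    match = VALUE_RE.search(reg_output)
    return int(match.group(1), 16) if match else default

def describe(level):
    """Explain which response types a client at this level will send."""
    if level not in LEVELS:
        raise ValueError(f"unexpected LmCompatibilityLevel: {level}")
    return {
        "level": level,
        "policy": LEVELS[level],
        "sends_lm": level <= 1,      # LM responses leave the machine
        "sends_ntlmv1": level <= 2,  # NTLM (v1) responses leave the machine
        "sends_ntlmv2": level >= 3,  # only NTLMv2 responses are sent
    }

if __name__ == "__main__":
    print(describe(lm_level(SAMPLE)))
```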

* Map dir to disk.

To create:

  cmd> subst [to-disk: [from-disk:]path]

To remove:

  cmd> subst disk: /d

* CMD.

** How to run cmd on a 64-bit OS.

From 64-bit process:

  %windir%\System32\cmd.exe (for 64-bit)
  %windir%\SysWOW64\cmd.exe (for 32-bit)

From 32-bit process:

  %windir%\System32\cmd.exe (for 32-bit)
  %windir%\Sysnative\cmd.exe (for 64-bit)

  http://msdn.microsoft.com/en-us/library/aa384187%28VS.85%29.aspx
                File System Redirector
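
Added example (not part of the original notes): a Python sketch that combines
the PROCESSOR_ARCHITECTURE check from the version section with the path table
above. It relies on PROCESSOR_ARCHITEW6432, which Windows sets only for a 32-bit
process on a 64-bit OS; the function name and the sample environments are
constructed.

```python
def cmd_locations(env):
    """Resolve the OS architecture and cmd.exe paths for the process owning env.

    A 32-bit process on 64-bit Windows sees PROCESSOR_ARCHITECTURE=x86; the
    real OS architecture is then in PROCESSOR_ARCHITEW6432.
    """
    env = {key.upper(): value for key, value in env.items()}
    windir = env.get("WINDIR") or env.get("SYSTEMROOT") or r"C:\Windows"
    arch = env.get("PROCESSOR_ARCHITECTURE", "").upper()
    native = env.get("PROCESSOR_ARCHITEW6432", "").upper()

    if native:                       # 32-bit process under WOW64
        return {"os_arch": native, "process_bits": 32,
                # System32 is silently redirected to SysWOW64 here.
                "cmd32": windir + r"\System32\cmd.exe",
                "cmd64": windir + r"\Sysnative\cmd.exe"}
    if arch in ("AMD64", "IA64"):    # 64-bit process, no redirection
        return {"os_arch": arch, "process_bits": 64,
                "cmd32": windir + r"\SysWOW64\cmd.exe",
                "cmd64": windir + r"\System32\cmd.exe"}
    if arch == "X86":                # 32-bit OS: there is no 64-bit cmd.exe
        return {"os_arch": "X86", "process_bits": 32,
                "cmd32": windir + r"\System32\cmd.exe",
                "cmd64": None}
    raise ValueError(f"unknown PROCESSOR_ARCHITECTURE: {arch!r}")

# Constructed environments for the three cases.
WOW64_PROCESS = {"windir": r"C:\Windows", "PROCESSOR_ARCHITECTURE": "x86",
                 "PROCESSOR_ARCHITEW6432": "AMD64"}
NATIVE_64 = {"windir": r"C:\Windows", "PROCESSOR_ARCHITECTURE": "AMD64"}
NATIVE_32 = {"windir": r"C:\WINDOWS", "PROCESSOR_ARCHITECTURE": "x86"}

if __name__ == "__main__":
    for sample in (WOW64_PROCESS, NATIVE_64, NATIVE_32):
        print(cmd_locations(sample))
```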

* Standard scripts.

  compmgmt.msc - Computer management
  devmgmt.msc - Device manager
  diskmgmt.msc - Disk management
  dfrg.msc - Disk defrag
  eventvwr.msc - Event viewer
  fsmgmt.msc - Shared folders
  gpedit.msc - Group policies
  lusrmgr.msc - Local users and groups
  perfmon.msc - Performance monitor
  rsop.msc - Resultant set of policies
  secpol.msc - Local security settings
  services.msc - Various Services
  msconfig - System Configuration Utility
  regedit - Registry Editor
  msinfo32 - System Information
  sysedit - System Configuration Editor
  win.ini - Windows loading information (also system.ini)
  winver - Shows current version of windows
  mailto: - Opens default email client
  command - Opens command prompt

  appwiz.cpl - Add & Remove Programs
  timedate.cpl - Date/Time Properties
  desk.cpl - Display Properties
  inetcpl.cpl - Internet Options
  mmsys.cpl - Sound Settings
  sysdm.cpl - System Properties
  password.cpl - Password Options
  main.cpl - Mouse and Keyboard Options
  control fonts - Fonts Folder
  control printers - Printers Folder

* Path.

** Max path length.

260 chars. Use the MAX_PATH macro from 'windows.h'.

** Allowed characters.

Not allowed:
 * characters from 0 to 31
 * < (less than)
 * > (greater than)
 * : (colon)
 * " (double quote)
 * / (forward slash)
 * \ (backslash)
 * | (vertical bar or pipe)
 * ? (question mark)
 * * (asterisk)

  http://msdn.microsoft.com/en-us/library/aa365247.aspx
                Naming Files, Paths, and Namespaces
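
Added example (not part of the original notes): a Python validator for names
that will be created on Windows. It goes beyond the list above by also applying
two rules from the linked MSDN page, reserved device names and trailing
space/period; the function names and result codes are constructed.

```python
import re

MAX_PATH = 260                      # windows.h value; counts the terminating NUL
FORBIDDEN = set('<>:"/\\|?*')       # the list above; 0-31 are checked by code
RESERVED = {"CON", "PRN", "AUX", "NUL"} | {
    f"{dev}{n}" for dev in ("COM", "LPT") for n in range(1, 10)}

def check_component(name):
    """Return problem codes for one file or directory name (no separators)."""
    if not name:
        return ["empty"]
    problems = []
    if any(c in FORBIDDEN or ord(c) < 32 for c in name):
        problems.append("forbidden-char")
    if name[-1] in " .":
        problems.append("trailing-dot-or-space")
    # Device names are reserved with or without an extension (NUL, nul.txt).
    if name.split(".")[0].rstrip().upper() in RESERVED:
        problems.append("reserved-name")
    return problems

def check_path(path):
    """Return (component, code) pairs for a path such as C:\\dir\\file.txt."""
    problems = []
    if len(path) + 1 > MAX_PATH:    # +1 for the terminating NUL
        problems.append(("<path>", "too-long"))
    drive = re.match(r"[A-Za-z]:\\?", path)
    rest = path[drive.end():] if drive else path
    for part in rest.split("\\"):
        if part in ("", ".", ".."):
            continue
        problems.extend((part, code) for code in check_component(part))
    return problems

if __name__ == "__main__":
    # Constructed inputs.
    for sample in (r"C:\Program-Files\app\run.exe", r"C:\logs\2011:04\aux.log"):
        print(sample, check_path(sample))
```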

* Memory.

  http://msdn.microsoft.com/en-us/library/ff542275%28v=VS.85%29.aspx
                Boot Parameters to Configure DEP and PAE

** PAE.

All 32-bit Windows XP editions support only 4 GiB of RAM. To enable PAE
(Physical Address Extension), edit 'c:\boot.ini' and add the '/pae' option:

  multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="MS Windows XP Prof" /fastdetect /pae

  http://msdn.microsoft.com/en-us/library/ff557168%28v=VS.85%29.aspx
                /pae option
  http://www.microsoft.com/whdc/system/platform/server/pae/paedrv.mspx
                PAE support

** NX.

NX (no execute) is implemented in Windows as the Data Execution Prevention (DEP)
technology.

For 64-bit processes, DEP is enabled by default and cannot be disabled. On
32-bit Windows, DEP is supported in Windows Server 2003 with SP1, Windows XP
with SP2, Windows Vista, and later versions of Windows.

To enable NX on 32-bit Windows, edit 'c:\boot.ini' and add the option
'/noexecute=...' (alwayson/optout/optin/alwaysoff):

  multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="MS Windows XP Prof" /fastdetect /noexecute=alwayson

To see the current DEP status, run:

  cmd> wmic OS Get DataExecutionPrevention_Available
  cmd> wmic OS Get DataExecutionPrevention_SupportPolicy
  cmd> wmic OS Get DataExecutionPrevention_Drivers

  http://msdn.microsoft.com/en-us/library/ff557134%28VS.85%29.aspx
                /noexecute parameter
  http://support.microsoft.com/kb/912923
                How to determine that hardware DEP is available and configured on your computer
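
Added example (not part of the original notes): a Python sketch that audits the
'/pae' and '/noexecute' switches of every boot.ini entry and compares the
configured DEP policy with the number reported by
DataExecutionPrevention_SupportPolicy (0 AlwaysOff, 1 AlwaysOn, 2 OptIn,
3 OptOut). The boot.ini text is constructed around the page's own entry.

```python
import re

DEP_POLICIES = ("alwayson", "optout", "optin", "alwaysoff")
# Values reported by: wmic OS Get DataExecutionPrevention_SupportPolicy
WMI_POLICY = {0: "alwaysoff", 1: "alwayson", 2: "optin", 3: "optout"}

# Constructed boot.ini; the first entry is the page's /noexecute line.
SAMPLE = r"""
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="MS Windows XP Prof" /fastdetect /noexecute=alwayson
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="XP with PAE" /fastdetect /pae /noexecute=optin
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Typo entry" /fastdetect /noexecute=on
"""

def audit_boot_ini(text):
    """Return one dict per [operating systems] entry with its PAE/DEP switches."""
    entries, in_os = [], False
    for line in map(str.strip, text.splitlines()):
        if line.startswith("["):
            in_os = line.lower() == "[operating systems]"
            continue
        match = re.match(r'[^=]+="([^"]*)"(.*)$', line) if in_os else None
        if not match:
            continue
        switches = {}
        for switch in re.findall(r"/([^\s/]+)", match.group(2)):
            key, _, value = switch.partition("=")
            switches[key.lower()] = value.lower()
        dep = switches.get("noexecute")      # None: switch not present
        entries.append({
            "description": match.group(1),
            "pae": "pae" in switches,
            "dep": dep,
            "dep_valid": dep is None or dep in DEP_POLICIES,
        })
    return entries

def matches_runtime(entry, wmi_support_policy):
    """True if the boot.ini policy equals the policy WMI reports after boot."""
    return entry["dep"] == WMI_POLICY.get(wmi_support_policy)

if __name__ == "__main__":
    for item in audit_boot_ini(SAMPLE):
        print(item)
```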

* Life cycle.

  http://www.microsoft.com/windows/support/endofsupport.mspx
                End of support for Windows 98, Windows Me, and Windows XP Service Pack 1
  http://www.microsoft.com/windows/lifecycle/servicepacks.mspx
                Windows Service Pack Road Map
  http://www.microsoft.com/windows/lifecycle/default.mspx
                Windows Life-Cycle Policy
  http://support.microsoft.com/gp/lifeselect
                Life-Cycle Policy by product

* NTFS junction points.

To create one, use 'junction.exe' by Mark Russinovich or 'linkd.exe' from the
Microsoft Windows 2000 Resource Kit.

'junction.exe' is included in the Sysinternals suite.

  cmd> md c:\Program-Files
  cmd> junction c:\Program-Files "c:\Program Files"

  http://technet.microsoft.com/en-gb/sysinternals/bb896768.aspx
                Junction v1.05, Published: July 24, 2007
  http://support.microsoft.com/?kbid=205524
                How to create and manipulate NTFS junction points
  http://en.wikipedia.org/wiki/NTFS_junction_point

* Microsoft Windows 2000 Resource Kit.

  http://support.microsoft.com/kb/927229
                Windows 2000 Resource Kit Tools for administrative tasks
                separate tools downloads

* Microsoft security tools.

  http://www.microsoft.com/downloads/details.aspx?FamilyID=CD057D9D-86B9-4E35-9733-7ACB0B2A3CA1&displayLang=en

  http://www.microsoft.com/downloads/details.aspx?FamilyID=B1E76BBE-71DF-41E8-8B52-C871D012BA78&displayLang=en
                Microsoft Baseline Security Analyzer 2.1.1 (for IT
                Professionals)

  http://www.microsoft.com/downloads/en/confirmation.aspx?familyId=4a2346ac-b772-4d40-a750-9046542f343d&displayLang=en
                Enhanced Mitigation Evaluation Toolkit

  http://blogs.technet.com/b/srd/archive/2009/10/27/announcing-the-release-of-the-enhanced-mitigation-evaluation-toolkit.aspx
                Announcing the release of the Enhanced Mitigation Evaluation
                Toolkit (old version 1.0)

  http://blogs.technet.com/b/srd/archive/2010/07/28/announcing-the-upcoming-release-of-emet-v2.aspx

* Disabling UAC.

To disable UAC on the test computer, you must be able to log on with or provide the credentials of a
member of the local Administrators group.

Starting with Windows 7, UAC is disabled by following these steps:

  1. On the Start menu, type "UAC" and then click Change User Account settings.
  2. Move the slide bar to the bottom (Never Notify) and then click OK.

On Windows Vista and Windows Server 2008, UAC is disabled by following these steps:

  1. Start Control Panel and double-click User Accounts.
  2. In the User Accounts tasks window, click Turn User Account Control on or off.
  3. Clear the Use User Account Control (UAC) to help protect your computer check box, and then click OK.

* Fix file association.

Check current association:

  $ cmd /c assoc | grep -i "^\.mp3"
.mp3=mp3file

Get list of all available commands:

  $ cmd /c ftype
...
AIMP.mp3="C:\Program Files\AIMP2\AIMP2.exe" "%1"
...

and select one of them:

  $ cmd /c assoc .mp3=AIMP.mp3

* Clean up Windows system directories.

You can safely remove the SP restore files:

  %Systemroot%\$NtServicePackUninstall$

Also check these directories:

  %SYSTEMDRIVE%\Program Files\Common Files
  %SYSTEMDRIVE%\Documents and Settings\USER\Application Data
  %SYSTEMDRIVE%\Documents and Settings\USER\Local Settings

  http://support.microsoft.com/kb/290402
                HOW TO: Remove the Service Pack Restore Files and Folders in Windows

* Windows services from command line.

** List of all running services.

  cmd> net start

** Start service.

  cmd> net start NAME

** Stop service.

  cmd> net stop NAME