FANDOM


Fundamental

Batch Programming

Command

Command Description Remarks
find Searches for a string of text in a file or files, and displays lines of text that contain the specified string.
findstr Searches for patterns of text in files. support regex

Filesystem

Hyperthreading

Process

Command Description Remarks
tasklist List running applications and services.
taskkill End one or more processes (by process id or image name). taskkill /pid 33752 /f
Process Description Remarks
igfxsrvc installed along-side Intel Graphics Accelerator cards and with on-board graphics chipsets.

Service

Command Description Remarks
sc Service Control - Create, Start, Stop, Query or Delete any Windows SERVICE. The command options for SC are case sensitive.
sc query Obtains and displays information about the specified service, driver, type of service, or type of driver.
sc queryex Obtains and displays extended information about the specified service, driver, type of service, or type of driver.
sc qc Queries the configuration information for a specified service.
sc stop Sends a STOP control request to a service.
sc pause Sends a PAUSE control request to a service. Not all services can be paused.
sc config Modifies the value of a service's entries in the registry and in the Service Control Manager database.

sc

> sc query   & :: list all services

> sc query GnStart   & :: query a specific service

> sc config GnStart start= disabled   & :: set a service disabled

> tasklist | findstr "^Gn.*"   & :: find processes starting 'Gn'

>

Common Services

Name Title Description Recommended Startup Type
wbengine Block Level Backup Engine Service Manual
VSS Volume Shadow Copy Manual
SDRSVC Windows Backup Disabled
TENXW_Guard TouchEn nxWeb by RaonSecure Co. Ltd. Manual

Networking

Command Description Remarks
route Displays and modifies the entries in the local IP routing table. ROUTE
tracert Determines the path taken to a destination by sending Internet Control Message Protocol (ICMP) Echo Request messages to the destination with incrementally increasing Time to Live (TTL) field values. TRACERT
pathping Provides information about network latency and network loss at intermediate hops between a source and destination. PATHPING
netsh Allows you to, either locally or remotely, display or modify the network configuration of a computer that is currently running. netsh (Wikipedia)
net use Connects a computer to or disconnects a computer from a shared resource, or displays information about computer connections.

Netsh

Command Description Remarks
netsh interface tcp show global Shows TCP parameters that affect all connections.

Configuration

Security

GDI

Debugging

  • Debugger Commands
  • SymChk
    • a program that compares executable files to symbol files to verify that the correct symbols are available.

Performance Tuning

Counters

  • Typical performance counter collection
Counter Meaning Remarks
\Memory\Available Bytes available bytes
\Memory\Committed Bytes the private bytes committed to processes
\Process(process_name)\% Processor Time Processor Time = User Time + Privileged Time
\Process(process_name)\% Privileged Time the percentage of non-idle processor time spent executing code in privileged mode
\Process(process_name)\% User Time the percentage of time that the processor spent executing code in user mode
\Process(process_name)\Private Bytes bytes allocated exclusively for a specific process can be paged to disk or in the standby page list
\Process(process_name)\Working Set the shared and private bytes allocated to a process suddenly drop when you minimize an application
\Process(process_name)\Pool Nonpaged Bytes the number of bytes in the nonpaged pool, an area of system memory for objects that cannot be written to disk
\Process(process_name)\Pool Paged Bytes the number of bytes in the paged pool, an area of system memory for objects that can be written to disk
\Process(process_name)\Handle Count the total number of handles currently open by this process
\Process(process_name)\Thread Count the number of threads that were active in this process
\Process(process_name)\IO Read Bytes/sec the rate at which the process was reading bytes from I/O operations
\Process(process_name)\IO Write Bytes/sec the rate at which the process was writing bytes to I/O operations
\Network Interface(card_name)\Bytes Received/sec
\Network Interface(card_name)\Bytes Sent/sec
Community content is available under CC-BY-SA unless otherwise noted.