services.msc. Locate the desired service and right click on its entry. In the context menu, click Start, Stop, or Restart as necessary.
<foo> with the correct service name:net start <foo>, net stop <foo> as necessary; OR
sc start <foo>, sc stop <foo> as necessary (Note that the sc commands do not wait for the service to finish the operation); OR
Start-Service -Name "<foo>" or Stop-Service -Name "<foo>"
It is important to use the correct tools when writing permanent changes to the environment because they also broadcast a notification to running GUI applications to update their environments accordingly.
systempropertiesadvanced.exe. Click the Environment Variables... button. Edit away!
setx command.
System.Environment commands.
| Windows Variable | Description | Linux Equivalent (if any) |
|---|---|---|
%APPDATA% | Roaming AppData Directory | |
%ERRORLEVEL% | Return code from last command executed from within cmd.exe | $? |
%LOCALAPPDATA% | Local AppData Directory | |
%PATH% | Path | $PATH (note different delimiters: Windows uses semicolons) |
%PATHEXT% | Path extensions | |
%ProgramFiles% | Path to Program Files directory | |
%ProgramFiles(x86)% | Path to Program Files (x86) directory | |
%SystemRoot% | Path to Windows directory | |
%TEMP% | Path to temp directory | |
%TMP% | Path to temp directory | |
%USERNAME% | Username | $USER |
%USERPROFILE% | Root of user profile directory | $HOME |
| Directory | Description | Notes |
|---|---|---|
%SystemRoot%\System32 | Most Windows binaries are located here. | |
%SystemRoot%\SysWOW64 | Windows binaries for enabling support for 32-bit x86 programs. | Exposed as C:\Windows\System32 to 32-bit apps |
C:\Program Files | Default installation directory for installing program binaries | ACL restricts non-Admins to R+X. |
C:\Program Files (x86) | On 64-bit machines, the default installation directory for installing 32-bit x86 program binaries | ACL restricts non-Admins to R+X. |
C:\ProgramData | Location for saving per-machine data that applies to all users | ACL allows full access to standard users. The hidden attribute is set on this directory. |
%USERPROFILE%\Desktop | Directory for files residing on the current user's desktop | Some desktop icons are not actual files and will not be found here. |
%USERPROFILE%\AppData | Per-user data | The hidden attribute is set on this directory; it will not be visible in Explorer unless the latter is configured to display hidden files. |
%USERPROFILE%\AppData\Roaming | Per-user data. If the account is a domain account, the contents of this directory might be mounted from a network share (but cached locally for performance). | |
%USERPROFILE%\AppData\Local | Per-user data that remains on the local machine (ie, not shared across a network). | |
%USERPROFILE%\AppData\LocalLow | Untrusted per-user data (eg browser cache). Not shared across a network. | ACL sets mandatory label to low integrity |
HKEY_LOCAL_MACHINE: machine-wide settings. Must be elevated for write access.
HKEY_USERS: per-user data.
HKEY_CURRENT_USER: symlink pointing into the current user's subkey in HKEY_USERS.
HKEY_CLASSES_ROOT: COM registration information. A view merged from subkeys within both HKLM and HKCU.
Most registry interactions involve HKEY_LOCAL_MACHINE and HKEY_CURRENT_USER.
Some tools abbreviate root key names: eg. HKLM represents HKEY_LOCAL_MACHINE.
SZ: String
EXPAND_SZ: String, but any environment variables referenced within the string are expanded before providing to the requesting program.
MULTI_SZ: Multi-string
DWORD: 32-bit unsigned integer
QWORD: 64-bit unsigned integer
BINARY: sequence of bytes
systempropertiesadvanced.exe: Edit computer hostname, domain, environment variables
comexp.msc: Component Services
compmgmt.msc: Computer Management
eventvwr.msc: Event Viewer
devmgmt.msc: Device Manager
gpedit.msc: Group Policy Editor
services.msc: Services
Coming soon! Please check back!
HRESULT Error Codes (highest nibble is usually 0x8) NOTE: if the error code starts with 0x8007, it is a Win32 error encoded as an HRESULT. Strip off the 8007 and then look up the remaining value as a Win32 error code.
NTSTATUS Error Codes (highest nibble is usually 0xC)
| Command | Description |
|---|---|
psexec -accepteula -s -i cmd.exe | Opens a cmd command prompt as LocalSystem. You may replace cmd.exe with the path to any console program. This command is not usually necessary, but sometimes is useful in order to interactively determine how something behaves while running as LocalSystem. |
handle <substring> | Find out which process has opened any file whose fully-qualified name contains substring. Useful if you need to find out who might be locking a file. |