Navigating To The File Using CMD

To delete a file or folder using the command prompt we must first navigate to the location of our
file. By default the command line is located at a folder named after your
computers username (C:\Users\MyPC). This folder contains your documents, downloads and
desktop directories, among others.
To view all the files in this directory use the “Dir” command, which stands for directory.

Dir

Every file in this directory will be displayed at once.

If the file or directory you want to delete is located at your desktop for example use the “Cd”
command to change the command prompts directory. 
Simply type “Cd” followed by the folder you want to navigate into within quotes.

Cd "Desktop"

You will at once navigate into the desktop directory and from here you can use the “Dir”
command once again to locate the file or folder you want to delete.
If you navigated to the wrong directory by mistake, type:
CD ..

You will immediately be navigated into the previous directory.

In a similar way you can use a combination of the “Dir” and “Cd” commands to navigate to any
directory and locate any file or folder.

Deleting Folders / Directories Using CMD

To delete a folder use the “Rmdir” command, which stands for “Remove Directory”.
Keep in mind that as the name suggests, “Rmdir” only deletes directories.
Trying to delete a file using “Rmdir” will constitute in an error.

Rmdir "My Folder"

You might be wondering why we surrounded the name of our folder in quotes.
The quotes tell the command line that the spaces separating the words do not constitute an
additional parameter and that they are simply a part of the name of our folder.

“Rmdir” without any parameters only removes folders that are empty, to delete a folder along
with the files or folders within it you need to use the /S parameter.
The command would look like this:

Rmdir /S "My Folder"

After entering the command the command line will ask if you are sure you want to delete this
file. 

Simply press “y” to confirm.

If you want to delete a folder in a directory other than your users folder you would need to start
the command prompt as an administrator.
Be careful when deleting folders with administration privileges, the wrong command can very
easily break your computer.

Deleting Files Using CMD

The command for deleting files using the cmd is “Del“.
Unlike “Rmdir“, “Del“can only delete files. Using “Del” to delete a folder will constitute in
an error.
To delete a file simply type “Del” followed by the name of your file along with its extension
in quotes.

Del "My File.txt"

Your file should be immediately deleted.
Once again if you file is not located in the users folder or within any of its sub-directories you
would need to start the command prompt as an administrator. 
Be very careful however , the wrong command in an administrator command prompt can very
easily break your computer.
To delete more than one file at once simply enter all the names of your files one after the other.

Del "File1.txt" "File2.txt" "File3.txt"

Delete Many Files Or Folders At Once

Entering the name of every file or folder you want to delete is not always practical.
Work smarter not harder.
You can delete every file that begins with a set of characters by using a wildcard.
Wildcards are special symbols that take the place of characters or words.
The most commonly used wildcard is the asterix. 

Typing “Del” followed by a set of characters that is shared among the names of the files we want
to delete and an asterix, will delete all of them.

Del "File*"

Every file that begins with the word “File” will be deleted. 
To delete a set of folders instead, simply replace the Del command with Rmdir.

Similarly you can delete only files of a specific type by specifying its extension before

a wildcard. With the following command for example, we can delete every text file in our
current directory.

Del "*.txt"

We can even delete every file or folder by using a wildcard, all by itself.

Here is an example using the Rmdir command.

Rmdir /S "*"

Every folder in your current directory will be deleted along with any contents within it.
Be careful when deleting files and folders, the wrong command can easily delete important files
and folders.

Delete Files Or Folders From Any Directory

While you can use the “Rmdir” and “Del” commands to delete files and folders in your current
directory, what if you want to delete a folder or file that’s located in a different directory without
having to navigate there yourself?
You would have to enter your command as usual but instead of typing the name of the file or
folder you want to delete directly you would have to enter the location of the target directory
followed by a backward slash and then name of your folder or file.
It should look something like this:

Rmdir "C:\Users\Julian\Documents\My Folder".

In the same way you can replace “Rmdir” with any command to complete any task from any
directory.

Summary:
 Navigate to the directory the file you want to delete is located with the “CD” and “Dir”
commands.
 Use “Rmdir” to delete folders and “Del” to delete files. Don’t forget to surround the
name of your folder in quotes if it contains a space.
 Use wildcards to delete many files or folders at once.

Ping:
Lets start with something simple.
Ping can help you resolve internet or network connectivity issues, by sending packets to your
destination and awaiting a response.
Type ping followed by a URL or an IP address.

Ping 8.8.8.8

If the server is there, you will see the reply as well as the amount of time the interaction took.

Tracert:
Tracert is similar to ping and it can be used to visually identify exactly where a problem occurs
when a packet gets sent and received from its destination.
Tracert, as the name implies, traces each hop on the route the packet takes to reach your
destination, and tells you information about each of them.
To use it, type tracert followed by your destination URL or IP.

Tracert 8.8.8.8

Pathping:
Pathping is a more advanced version of ping as well as a combination of ping and tracert.
Pathping sends ping commands to every hop a packet takes to reach your destination over a
period of time.
Resulting in a detailed report. Its usage its similar to both path and tracert, simply type Pathping
followed by your destination URL or IP.

Pathping 8.8.8.8

The operation can take quite a long time to complete and thus tracert is usually preferred.
However, the extra information it provides can be especially useful at times.

Ipconfig:
Type ipconfig in your command line, to get all sorts of information about your IP configuration
and all the IP addresses your pc is currently using.

Ipconfig

A particularly useful parameter is /flushdns which will completely delete your dns cache.

Ipconfig /flushdns

You can also use the following commands one after the to assign a new IP address to your
computer.

ipconfig /release
ipconfig /renew

Ipconfig is immensely powerful and if you want to learn more about it check out this blog post
where we go in depth into how it works and how it can be used.

Nslookup:
Use nslookup to find the IP of a server from a domain name. Simply type nslookup followed by
the domain you want to resolve.

Nslookup google.com

Alternatively, you can perform a reverse lookup by entering an IP address and finding out the
associated domain name.

Nslookup 8.8.8.8

Awesome, right?

Netstat:
Netstat stands for network statistics and as the name suggests it can be used to display various
information about your network connections such as which application (if any) is establishing
connections, which ports are being used, and various other statistics.
You can use this information to troubleshoot or manage your network as well as its connections.

Typing netstat by itself will display every active connection in your computer along with the
protocol, the local and remote address as well as whether the connection is currently active or
not.

Netstat

Once you are done, press control and c to stop the execution of the command.

The output of the netstat command can get a bit messy and confusing, you can use several
parameters to filter, sort or display more information about your network connections.
Starting with -a, which will display every active port sorted numerically.

Netstat -a

The -e parameter, which will display various information such as the number of packets sent and
received the number of errors that have occurred and more.

Netstat -e

Finally, we have the -b parameter which requires administrator privileges to be run and will
display which application is establishing a connection.

Netstat -b

There are many more parameters that can be used along with the netstat utility browse through
the output of the help command to find them out.

Route:
You can use the route command to display or modify your computer’s routing table. To display
your routing table, type route followed by the parameter print.

route print

To modify your routing table, use the following syntax:

route (-p) add/delete/change destination (mask-subnet) gateway (-if interface)

Confused? lets break it down:

The -p parameter makes your entry persistent, without this parameter your entry will be deleted
in the next boot.
Next, type the action you want to take with this entry and the IP of the destination subnet,
optionally you can enter the subnet mask, if you don’t, the default will be used.
Then, enter the gateway IP and finally with the -if parameter you can specify the interface from
which packets will be sent.

Make sure you know what you are doing before changing route tables, the wrong command can
potentially break your computer’s connectivity.

Netsh:
The Netsh command can be used to do a variety of things. Everything from viewing your
internet protocol configuration to deleting your address resolution protocol configuration
cache and configuring various tcp/ip related settings.

Lets start with viewing your interface configuration. To do so simply type the following
command.

netsh interface ip show config

Let’s break this command down:

The netsh command works a bit differently than other cmd commands because it doesn’t not
accept parameters in the usual sence but rather accepts contexts.
As the name suggests “contexts” are words that provide context to the netsh command so that it
knows what to do. In this case the “interface” context tells our command that the operation we
want to perform is on our interfaces.
The “ip” command specifies that we want to do something on the internet protocol
configuration and finally the “show config” contexts tell our command to show us our
configuration.

Apart from simply viewing information we can use the netsh command to perform a number of
operations on our network configuration. For example, with the following command we can
delete the cache of our address resolution protocol (or arp for short).

netsh interface ip delete arpcache

We can also configure our tcp/ip settings directly from the command line. The following
command for example will change the static ip, subnet mask and gateway ip of our “Local Area
Connection” interface.

netsh interface ip set address name="Local Area Connection" static 192.168.1.5

255.255.255.255 192.168.1.1

We can even use the Netsh command to manage our firewall. With this command for example
we can create an exception for a specific port.

netsh firewall add portopening TCP 1234 MyPort

These are just a few of the things that the Netsh command can do. Browse through the output of
the help command or search the internet to find out what else it can be used for.

Summary:
 Use ping, tracert and pathping to troubleshoot network problems.
 Netstat stands for network statistics and as the name suggests it can be used to display
various information about your network connections.
 Use ipconfig and nslookup to get all sorts of information about your network or a server.
 Use the route command to display or configure your computer’s routing table.
 The Netsh command can be used to view or configure your internet protocol
configuration.

Registry Structure:
Before we learn how to use the command line (CMD) to modify our registry we must first learn
how information within registry itself is structured.
The registry stores items in the following structure:
Hives -> Keys -> Values
Let’s start with Registry Hives.

Hives:

The windows registry contains several root locations that store various entries.
These locations are called registry hives.
Registry hives are separated based on the values they contain.
Here is a list of some of the most commonly used registry hives along with a brief description
about each one:
Name (Abbreviation) – Description

 HKEY_LOCAL_MACHINE (HKLM) – Contains keys and information related to the entire

computer, such as windows configurations or other system wide settings.
 HKEY_CURRENT_USER (HKCU) – Contains keys and information related to the current computer
user, such as preferences or settings.

While there are several more registry hives these are the one you will likely be using almost
exclusively, so do not stress too much about the rest.

Keys:

Within these hives there are several sub-entries or keys, which categorize our values even further
into several groups.
For example, the Software key which is located with the HKEY_LOCAL_MACHINE registry
hive contains information and settings related to every application in your computer.
Basically, think of keys like containers or folders.

Values:

Within these keys we have various values, that our applications or windows have created.
Sort of like files within a folder.
These values are also called entries and will be using the two names interchangeably.
Entries, store data using several distinct data types, in the following list I have included the
name of each value in human-readable format, the name that they are listed as in the
registry(within parenthesis) along with a brief description.

 String (REG-SZ) – A combination of numbers, letters and symbols.

 Binary ( REG_RESOURCE_LIST) – Basically a bunch of zeros and ones.
 DWORD (REG_DWORD) – A 32 bit integer number. Can be expressed in either binary or
hexadecimal format.

There is no way I can explain this using plain English and fit it into a sentence, instead, if you
want to learn more, you would have to go here.
While these are not all the data types, they are the ones which you will likely use most.

Since this article is more about the command line itself and its relation to the registry, I wont
dive any deeper into the registry itself.
If you would like to, you can find more information about the registry by clicking here.
With that said you should now have the basics down and be ready for the following sections.

Adding Keys – Using CMD:

Instead of using the windows GUI to edit your registry values, as you might have done in the
past (like a little b*tch), you can use the command line (CMD) to do just that.
To do so, we will make use of the REG command.
To edit the windows registry, you need a command prompt with administrator privileges.
Let’s start by learning how to create keys.
Like we said before a key is like a folder or container that is used to store many entries.
To create a key named MyKey type the following:

REG ADD HKLM\Software\MyKey

Right after our ADD parameter we have the location in which we want our key to be created, In
this case I created my key within the Software key which usually contains values for user-
installed programs.

Adding Entries/Values – Using CMD:

Now that we have created our key lets create a value within it.
To add a DWORD entry named MyEntry with a value of 0 to our local software path type the
following:

REG ADD HKLM\Software\MyKey /v MyEntry /t REG_DWORD /d 0

Let’s break it down:

 /v – Specifies the name of our value.

 /t – Specifies the data type of our entry, in this case a DWORD, which is the type you will be
creating almost exclusively.
 /d – Specifies the data of our entry.

Let’s check if our value was added successfully by using the QUERYparameter followed by the
location and name of our entry:

REG Query HKLM\Software\MyKey /v MyEntry

The 0x before our value denotes that this is hexadecimal value.

An entry with the correct value has indeed been created.
Good Job, Bob! Or whatever your name is.

Modifying/Changing Entries – Using CMD:

Changing registry data is what you will be doing mostly, so lets learn how to, by changing the
data of the entry we created in the previous section.
We can change the data within an entry by once again using the ADD parameter, this time
however we need to use the /F parameter as well, which tells the REG command to overwrite
any existing entries.
Let’s try changing the data within our entry to 1.
Here is the command we are going to use:

REG ADD HKLM\Software\MyKey /v MyEntry /t REG_DWORD /d 1 /F

Pretty easy right?

If you do not use the /F parameter and an existing entry is found the command line will ask you
if you want to overwrite it, simply type “Yes” to confirm.
Once again let’s use the QUERY parameter to verify that the value of our entry has been
changed.

REG Query HKLM\Software\MyKey /v MyEntry

And indeed, it is!

Awesome!

Deleting Keys & Values - Using CMD:

Deleting items within the registry can be a bit risky, and by risky, I mean it can ruin your
computer.
But that is no cause for concern, for as long as you are extremely careful and double check
every command, you will probably be fine.
With that said, let’s delete the value we previously created.
To delete an entry simply use the DELETE parameter followed by the location and name of
your entry.

REG Delete HKLM\Software\MyKey /v MyEntry

Press Y to confirm the operation.
Similarly, to delete an entire key use the /va parameter which tells the REG command to also
delete any values within this key.

REG Delete HKLM\Software\MyKey /va

There are several more parameters with which you can use to perform several operations to your
registry and will learn about them later on.

Example #1: Change Title Bar Colors:

Now that you know the basics lets look at a few ways you can use that wealth of knowledge.
How about something simple, like specifying a security descriptor and editing the associated
access control list.
What’s that, I hear you ask? That doesn’t sound simple?
Nevermind, how about changing the color of your title bars. You like colors, don’t you?
We can change the title bar color for every application and make windows look just a little bit
better with just a few simple registry tweaks (the word simple is used loosely here).

To do so, we have to create two DWORD entries in the following location:

HKEY_CURRENT_USER\Software\Microsoft\Windows\DWM
One entry for the color we want our title bar to have when our applications are active (focused),
and one for when they are inactive (unfocused).
Before we create our values however, we need to decide on the colors we want our tile bars to
have and convert them into the appropriate format.
I will go with a dark turquoise for when my applications are active and black for when they are
not.

Now we need to figure out the hex codes that correspond to our desired colors.
You can use an online converter, such as this one: HexColorTool
Or use an application with a color picker such as Paint or Photoshop.
In my case they are as follows:

 00ced1 – Dark Turquoise

 000000 – Back

You can find exactly what Hex codes (when referring to colors) are and how they work by
clicking here. 

These hex codes are in the RGB Format, which means that the first two letters or numbers refer
to the red component, the next two the green component and so on.
Windows however uses the BGR format (for some reason), which means that if we want
windows to interpret our colors correctly, we need to convert them.
All we have to do is to switch the red and blue components around simply by switching the first
and last two numbers or letters around.
Here is what my colors look like in the BGR format:

 d1ce00 – Dark Turquoise

 000000 – Back

Now that we have our colors lets create our first entry named AccentColor, which will specify
the title bar color for active applications:

Here is what the command would look like:

REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\DWM /v AccentColor /t
REG_DWORD /d 0xd1ce00

The /d parameter requires the 0x prefix when specifying hexadecimal values.

Replace its value with the color of your choice.
The tile bar color of your command prompt should immediately change!

Lest create a second entry named AccentColorInactive for our inactive applications.

REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\DWM /v

AccentColorInactive /t REG_DWORD /d 0x000000

Once again Replace the value of the /d parameter with the color of your choice while retaining
the 0x prefix.
The title bar color of your active and inactive applications should now be changed into your
desired colors.

Success! You not only know how to change the color of your title bar, but have learned a bit of
computer color science as well!
You are welcome.

Example #2: Disabling Windows Defender:

Whether you opt for a third party anti-virus solution or you simply find Windows defender (and
anti-viruses in general) annoying, you might choose to have it disabled.
Windows being windows does not give us an easy way to do this, however we can disable
windows defender by creating a simple entry within our registry.
Simply create a DWORD entry named DisableAntiSpyware, with a data value of 1, in the
following location:
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender
Here is what our command would look like:

REG ADD “HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender” /v

DisableAntiSpyware /t REG_DWORD /d 1

Pretty simple right?

Windows Defender should be disabled after a restart.
If you are wondering why we used quotation marks to specify our location, that is because it
contains a space within it.
The quotes tell the command line that the spaces separating the words do not constitute an
additional parameter and that they are simply part of our path or location.

Example #3: Disabling Automatic Updates:

Speaking of annoying windows features, automatic updates.
We have all experienced the supreme irritation of finding our computers unexpectedly deciding
to spend a few hours updating themselves, just when you have an important project to finish.
No more of that! Lets disable automatic updates.
Once again this is pretty simple.
Create a DWORD entry named NoAutoUpdate with a data value of 1 within the following key:
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows

Now this is usually the point where I give you the complete command, and all you have to do is
copy and paste it into your command line.
Not this time, call me cruel all you like, but you will have to do this one on your own.
This shouldn’t be hard, you might even learn something!
Thank me later!

P.S Be careful now, try not to break your computer (I take no responsibility).

Useful Parameters:
You are still here! All has gone well then.
Here is your reward:
A list of the most useful parameters for the reg command along with a brief description (not
much of a reward but whatever).

 QUERY – Displays the contents of a location within the registry or the value of an entry.
 ADD – Creates or Edits entries.
  DELETE – You can probably guess this one.
COPY – Copies a specified registry entry from one location to another.
 SAVE – Saves Keys and values into a specified file.
 RESTORE – Writes entries and keys into the registry from a saved file.
 LOAD – Writes entries and keys from a saved file into a different specified key.
 UNLOAD – Removes entries and keys that where loaded with the Load parameter.
 COMPARE – Compares two or more specified keys or values.
 EXPORT – Writes entries and keys into the registry from a saved file, for use in a different
computer.
 IMPORT – imports the keys and values form a file that was created using the export parameter.

Examples Summarized:
For your convenience, here is a list of some of the examples we used, along with a brief
description.

Creates a key named MyKey within theHKLM\Software Key.

REG ADD HKLM\Software\MyKey

Creates a DWORD Entry with a data value of zero named MyEntry, within the
HKLM\Software Key.

REG ADD HKLM\Software\MyKey /v MyEntry /t REG_DWORD /d 0

Displays the data value of the MyEntry entry, which is located within the HKLM\Software Key.

REG Query HKLM\Software\MyKey /v MyEntry

Deletes the MyEntry entry, which is located within the HKLM\Software Key.

REG Delete HKLM\Software\MyKey /v MyEntry

Deletes the entire MyKey Key, which is located within the HKLM\Software Key.

REG Delete HKLM\Software\MyKey /va

Summary:
If only an article of this size could be summarized perfectly into three bullet points. Anyway,
here goes:

 The windows registry is a database that stores settings for the operating system as all as its
applications.
 Use the REG command and the QUERY parameter to view your registry.
 Create or delete entries or sub entries using the REG command and the Add or Delete
parameters.
That's It!