Windows Skills

Common shortcuts and commands

getmac /v #Get NIC MAC address and interface name
win+R #Run
win+E #File Explorer
firewall.cpl #Firewall
wf.msc #Advanced Firewall
msinfo32 #System Information
devmgmt.msc #Device Manager
regedit or regedt32 #Registry Editor
services.msc #Service Manager
compmgmt.msc #Computer Management
gpedit.msc #Group Policy Editor
gpupdate /force #force policy update without reboot
shutdown -s -t 30 #shutdown after 30 seconds
shutdown -a #Cancel shutdown
control #control panel
mspaint #Paint
tasklist #list running processes
taskkill /IM Chrome.exe /F #terminate a running process by image name
ctrl+shift+ESC #Task Manager
net start #list running services
net user administrator "" #clear administrator password
net user administrator /active:no #Disable administrator account
taskkill /IM explorer.exe /F #Hide desktop (don't want to be disturbed by the fancy desktop when playing games)
inetcpl.cpl #Internet Properties (proxy settings, clear history, etc.)
ncpa.cpl #Network Connections

Clear All Logs

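@echo off
rem Enumerate every event log and clear each one (requires an elevated prompt)
rem Clearing is itself logged: Event ID 1102 (Security) and 104 (System)
for /F "tokens=*" %%G in ('wevtutil.exe el') DO (call :do_clear "%%G")
echo All Event Logs have been cleared!
goto theEnd

:do_clear
echo clearing %1
wevtutil.exe cl %1
goto :eof

:theEnd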


Network Connection Monitor

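After opening a process, press any key to refresh this script and see its connection state. Connections are grouped by the owning application.

@echo off
:loop
rem -b shows the owning executable (needs an elevated prompt), -n numeric addresses, -o PID
netstat -bno
pause
goto loop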

Add right-click administrator command line

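@echo off
rem Writing to HKCR needs an elevated prompt; the "runas" verb makes the shell launch the command elevated
Reg.exe add "HKCR\Directory\shell\runas" /ve /t REG_SZ /d "Administrator Command Line" /f
Reg.exe add "HKCR\Directory\shell\runas\command" /ve /t REG_SZ /d "cmd.exe /s /k pushd \"%%V\"" /f
Reg.exe add "HKCR\Directory\Background\shell\runas" /ve /t REG_SZ /d "Administrator Command Line" /f
Reg.exe add "HKCR\Directory\Background\shell\runas\command" /ve /t REG_SZ /d "cmd.exe /s /k pushd \"%%V\"" /f
Reg.exe add "HKCR\LibraryFolder\background\shell\runas" /ve /t REG_SZ /d "Administrator Command Line" /f
Reg.exe add "HKCR\LibraryFolder\background\shell\runas\command" /ve /t REG_SZ /d "cmd.exe /s /k pushd \"%%V\"" /f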

Reset network

@echo off
rem Resets the Winsock catalog to defaults; a restart is required to complete the reset
netsh winsock reset

Prevent ransomware

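@echo off
rem Blocks inbound RPC (135), NetBIOS (137-139) and SMB (445) traffic on every profile.
rem This also stops other machines from reaching file and printer shares on this host.
netsh advfirewall firewall add rule name="block_tcp_135_137_138_139_445" protocol=TCP dir=in localport=135,137,138,139,445 action=block
netsh advfirewall firewall add rule name="block_udp_135_137_138_139_445" protocol=UDP dir=in localport=135,137,138,139,445 action=block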
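
A check to run after the rules above, added here as an example and not part of the original page: it confirms the firewall is on, that both rules exist and are enabled, and shows which of the covered TCP ports still have a local listener. It assumes English-language netsh output and an elevated prompt; the rule names are the ones created above.

```batch
@echo off
rem Added example: verify that the two block rules are present and in effect.
setlocal
set "FAIL=0"

rem 1. Rules are only enforced while the firewall is on for the active profile.
echo === Firewall state per profile ===
netsh advfirewall show allprofiles state | findstr /I /C:"Profile Settings" /C:"State"
netsh advfirewall show allprofiles state | findstr /I /R /C:"State  *OFF" >nul && (
    echo [WARN] At least one profile has the firewall turned off.
    set "FAIL=1"
)

rem 2. Each rule must exist and be enabled (matched on the "Enabled: Yes" line).
echo === Block rules ===
for %%R in (block_tcp_135_137_138_139_445 block_udp_135_137_138_139_445) do (
    netsh advfirewall firewall show rule name="%%R" | findstr /I /R /C:"Enabled: *Yes" >nul
    if errorlevel 1 (
        echo [MISSING] %%R is absent or disabled.
        set "FAIL=1"
    ) else (
        echo [OK] %%R is present and enabled.
    )
)

rem 3. Show services still bound to the covered TCP ports. A listener here is
rem    expected: the rule blocks inbound packets, it does not stop the service.
rem    UDP 137/138 have no LISTENING state in netstat, so they are not listed.
echo === Local TCP listeners on covered ports ===
for %%P in (135 139 445) do (
    netstat -ano -p TCP | findstr /R /C:":%%P .*LISTENING"
)

rem Exit code 0 = firewall on and both rules enabled, 1 = something needs attention.
exit /b %FAIL%
```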