Five powerful Windows command-line tricks


I’ve updated my Control Panel alternative nuePanel with five powerful new troubleshooting commands covering file monitoring, disk checking, DNS servers, filter drivers and keyboard testing.

You don’t have to download the program to try them out, though — they all make use of regular Windows commands you can include in your own scripts.

1. DNS server

If your PC loses its internet connection, it’s sometimes useful to check your current DNS server. But the GUI route — find the network connection, view its properties, locate TCP/IP, find its properties — is, well, a little complicated.

The nslookup command could be a simpler option. Enter the following at the command line.


This displays the name of your DNS server and its IP address (or your router if it’s obtained automatically), along with the address of itself.

If you only want the DNS information displayed, use this instead:

nslookup | findstr /c:”Server:” /c:”Address:”

Here we’re passing the output of the nslookup command to “findstr”, which displays only lines containing the text we’re specifying.

2. File change detection

File monitoring — detecting the files being used on a computer — is often important when troubleshooting, and usually requires installing Process Explorer, Process Monitor or something similar. But you can run basic monitoring with one of these Windows commands (the first gives you full change information, the second trims it down to the file name only).

fsutil usn readjournal c: wait tail
fsutil usn readjournal c: wait tail | find “File name”

View more  Off topic: A day for walking, wacky pothole solutions, chocolate milk and brown cows, return of the typewriter

When a file is changed on an NTFS drive, the system stores basic details in an update sequence number (USN) change journal. Normally this is only used for recovery and file management tasks, but by watching the journal as it updates you can also get an idea of what’s happening on your PC.

There are lots of restrictions to this. It only works from an elevated command line. It only records changes to files (reads are ignored). It only works with NTFS drives. It doesn’t display full file paths. It doesn’t tell you the process making the change.

Despite that, there’s still enough information to be useful, and because it’s using a standard Windows command you can be sure it’ll work almost everywhere, in just about every situation. Give it a try.

3. Keyboard testing

A key on your keyboard isn’t responding? You could go searching for some freeware virtual keyboard checker that would detect keypress events and display the raw codes and scan codes… But it’s probably easier to open a command line and enter this.

dispdiag -testacpi

Press a key, Windows tells you what it thinks it is, along with the code and scan code information. Close the command window when you’re done.

4. Filter drivers

Antivirus engines and other low-level packages often install filter drivers, enabling them to intercept and process system actions. A filter driver might check every file access to look for malware, for instance, blocking anything that seems dangerous.

View more  Scientists erase fear memories in the minds of mice using light

While this sounds great, in theory, poorly-written filter drivers can cause instability and performance issues, so it’s sometimes useful to see what’s installed on a system. These two commands can tell you more (admin rights required).

fltmc filters
fltmc instances

The first command shows installed filters, the second running instances (drivers which are active right now). This information is aimed at Windows experts, but can be helpful in other situations. We found Bitdefender filter drivers still installed on one test system, even though the rest of the Bitdefender package had been removed.

5. Scheduling chkdsk

If you suspect a problem with a drive, you could try running chkdsk to look for errors. But it can be slow, isn’t exactly convenient if you need to use your system for something else, and won’t be able to check locked system files.

One simple answer is to have chkdsk run when you next reboot. This is the command you need.

fsutil dirty set c:

Replace the c: with your target volume, and make sure you run the command with admin rights to avoid “access denied” errors.

nuePanel now includes all the above and is available for Windows 7 and later. But as we’ve seen, you don’t need it, or anything else — for real flexibility, just build the commands into your own shortcuts and scripts.