Operating System (Windows)

windowsfundamentals1xbx windowsfundamentals

Microsoft Windows is the most used operating system. Windows versions that were quite used are Windows XP, Windows 7, Windows 10, and now Windows 11 is slowly gaining new users.

There are a lot of things that are similar to Linux Operating systems, so I will add fewer details here.

Some dates about the latest versions

  • Windows 7 (2009-2020)
  • Windows 10 (2015-2025)
  • Windows 11 (2021-???)
  • Windows 12 (???-???)

Windows images (ISO): as a developer, if you don't have Windows, you can install it with one of the images below.

Windows console

You can run commands on Windows inside a CMD (Command Prompt), or inside a PowerShell. The latter is an improved version of the former, which is retro compatible: commands working in a CMD are, ⚠️for most ⚠️, working inside a PowerShell.

The syntax used on this website (πŸ“Œ):

  • PS>: commands only available in PowerShell
  • CMD> commands available in both CMD and PowerShell
  • A note is added for other special cases

You can start a CMD with cmd or cmd.exe. You can start a PowerShell with powershell or powershell.exe. You can also use

CMD> powershell -c "PowerShell command here"

Hint 1

⚠️⚠️ DANGER ⚠️⚠️. There are many aliases in PowerShell, such as sc for Set-Content. The problem is that some aliases are also CMD commands... An easy path: add .exe, such as sc.exe.

Hint 2

To run administrative commands in a CMD/PowerShell, you need to start it using "Run as administrator".

Hint 3

You can open a CMD/PowerShell in a folder by using SHIFT+Right-click like you would to create a new file, then selecting "Open a PowerShell here".

➑️ Since Windows 11, click on "More options" first.

CMD commands


If you don't use PowerShell, which is Linux friendly so most Unix commands are available, here are some commands that you will most likely use. See the comparison of cmdlets with similar commands. If you need help, use command /?, help command, command /help...

  • πŸƒ cd: move to another folder

  • πŸ“οΈ dir: list files, same as ls

  • πŸ“– type: print files, same as cat

  • 🧹 cls: clear the screen, same as clear

  • πŸ”Ž find: search files

  • πŸ”Ž findstr: search content in files, same as grep

  • πŸ—ƒοΈ move: move files

  • 🎣 curl: fetch web resources

  • πŸ•ΈοΈ ipconfig: see the network configuration

  • πŸͺ΅ tree: display folder structure, same as tree



Windows Management Instrumentation Command-line (WMIC) is an utility provides a command-line interface for Windows management tasks. Since Windows 10, using powershell is recommended πŸ“’.

PS> wmic
wmic:root\cli> # commands are not prefixed by wmic
PS> wmic /?    # show the help

Example commands:

  • wmic computersystem: computer information (username,domain,name)
  • wmic os: OS information (caption,registeredUser,serialNumber,version)
  • wmic product: installed programs
  • wmic logicaldisk: connected hard drives
  • wmic process: running processes
  • wmic service: list services
  • wmic useraccount: local user accounts
  • wmic group: local groups
  • ...

You can filter attributes using get:

PS> wmic computersystem get username,domain,name
Domain     Name  UserName

You can use list <format> to use list display formats:

PS> wmic os list brief # 6 columns, see "/?"
BuildNumber  Organization  RegisteredUser
SerialNumber SystemDirectory Version

File system


Modern versions of Windows use the New Technology File System (NTFS). Before, FAT16/32, and HPFS were used. FAT is still used for devices like USB keys. NTFS is a file system that can repair itself in the event of failure, using logs. It's known as a journaling file system.

Case-insensitive and separator 🏝️

Unlike Linux, for Windows, a and A are the same. And you can use \ (the default separator), and / (Unix separator).

CMD> cd c:\Users\xxx
CMD> cd C:\Users\xxx
CMD> cd /Users/xxx
CMD> cd \Users\xxx

I'm using the below Unix paths because they're easier to write. Some paths may have changed, refer to environment variables.

  • πŸͺ΅ root: /, which is usually c:\
  • 🌳 Windows root: usually /Windows
  • πŸ› user content: Files belonging to a user
    • /Users
    • /Users/xxx/Desktop (ex: user xxx)
    • /Users/xxx/Documents (ex: user xxx)
  • πŸ“‚ Installed programs
    • "/Program Files/"
    • "/Program Files (x86)/"
    • %appdata%: usually used to install apps without administrator privileges (locally installed), or to store application data.

Permissions, and users

windowsfundamentals1xbx windowsfundamentals2x0x windowsfundamentals

Users πŸ§‘

  • NT AUTHORITY\SYSTEM or LocalSystem: a built-in account used by the system to do internal tasks. It has the highest level of permission.
  • NT AUTHORITY\LocalService: a built-in account that can start some services and has few permissions.
  • NT AUTHORITY\NetworkService: a built-in account that can establish authenticated sessions for network services. It has few permissions.
  • Administrator: administrator account to manage users, apps, groups, and system-wide settings...
  • Standard User: can use apps, can access their files...

Groups (Security Groups) πŸ‘ͺ

Administrators can set permissions for a group, and users may be in multiple groups.

User Account Control (UAC) (=sudo) πŸ«…

This is the Admin Approval Mode. When higher privileges are required, Windows will display the UAC Window. Administrator can press yes, while other users will have to log in using an account having sufficient privileges to perform the requested action.

(NTFS) Permissions (doc) πŸ”

Windows has 7 categories of permissions for files on a filesystem: Read (R), Write (W), List Folder Contents (X), Read & Execute (RX), Modify (M), Full Control (F) and Special permissions.

There are advanced permissions: Create Directory (AD), Create File (WD), Delete (D), Execute/Traverse (X), Change Permissions...

You can use the "security" tab from a file/folder properties or use th icacls command to manipulate permissions.

CMD> icacls xxx
CMD> icacls xxx /grant Everyone:F  # group
CMD> icacls xxx /grant username:F  # username
CMD> icacls xxx /remove username

Permissions are inherited (I) by children while they may not (NP). It's also possible to define if folders (CI) or files (OI) inherit ACE.

Environment variables

The syntax to display/use an environment variable is different.

PS> ls Env: # list all
PS> echo $Env:systemroot # print one
PS> $Env:xxx = 'yyy' # set

These commands are only available in a CMD

CMD> set # list all
CMD> echo %windir% # print one

Environment variables are

  • PATH: same use as on Linux, but folders are separated with ";"
  • PATHEXT: extensions that you may omit in commands
  • USERNAME: current user
  • SystemDrive: location to system drive
  • SystemRoot / windir: location to Windows root
  • ProgramFiles: location to program files
  • ProgramFiles(x86): location to program files
  • APPDATA: location to app data
  • TEMP / TMP: location to temp folder

Windows tools

windowsfundamentals1xbx windowsfundamentals2x0x windowsfundamentals

Windows tools can be opened using "execute" (Win βž• R) or in a CMD/PowerShell. Extensions that you may see, such as ".exe", or ".msc", are optional (see PATHEXT). Two well-known tools are:

Task Manager (taskmgr) πŸ•°οΈ

  • Shortcut: CTRL+SHIFT+ESC
  • List of running processes
  • This guide is quite complete Windows Task Manager

Control panel (control.exe) πŸ§‘β€πŸ³

  • This is the entry point to most settings
  • In the top-right corner, it's possible to switch to another view (ex: small icons), in which you may discover menus that you (most likely) never opened before, but may be useful in one way or another.

Computer Management (compmgmt.msc) πŸ‘‘

  • A core tool to manage a computer
  • Can be used to create/manage users/groups
  • Can be used to manage disks, devices, network shares
  • Can be used to manage running tasks, services, listing events (doc, monitoring performance (perfmon/resmon), etc.


Usage πŸ—ΊοΈ: Manage local users and groups.


Usage πŸ—ΊοΈ: manage startup programs and services...


Usage πŸ—ΊοΈ: show Windows version+build, and license holder.

control.exe system

Usage πŸ—ΊοΈ: opens the system control panel with information on the system (device/Windows specs...).


Usage πŸ—ΊοΈ: detailed information about the system, hardware and services. The list is browsable/you can search for something.


Usage πŸ—ΊοΈ: change UAC settings


Usage πŸ—ΊοΈ (doc): view and edit the system registry. This is a database used to store information needed to configure the system for users/applications/devices (ports in use, applications...).

Windows Services


Services are similar to daemons on Linux. They are long-running processes that runs in the background. They were designed to start automatically when the computer starts.

Services are managed from the Service Control Manager (SCM), accessible by executing services.msc.

You can also use the sc.exe utility. Inside CMD, you can use sc while in powershell, you must use sc.exe.

PS> sc.exe query                # list all services
PS> sc.exe qc <service>         # info for a service
PS> sc.exe sdshow <service>     # service permissions (SDDL)
PS> Get-ACL -Path <service_exe> # same

A services can be in one of the following states:

  • Running
  • Paused
  • Stopped
  • StartPending
  • StopPending
  • ContinuePending
  • PausePending

Some critical services cannot be stopped and restarted without a system restart.

Windows Registry


The Windows Registry is a hierarchical database that stores system, hardware, software, user preferences, and other settings.

The Registry is organized into a tree-like structure. The top-level nodes are called "hives," and each hive contains "keys" and "subkeys."

Administrator privileges are required to open and edit the registry. Caution is advised. Use regedit to open the registry.

There are computer- and user-specific keys. The former hives names are starting with HKEY while the latter are starting with HKCU.

The user registry is stored in C:\Users\<USERNAME>\NTUSER.DAT.

The computer registry is stored in C:\Windows\System32\Config\.

PS> reg query xxx # query the registry
PS> reg query hklm\sam
PS> # see also: reg save

Random Notes

Shared Folders


It's possible to share a folder over a network, allowing others on the network to access it. Right-click on a folder and open its properties, then navigate to the "Sharing" tab and share the folder.

In "Advanced Sharing," you can set the share name, the maximum number of simultaneous users, and set the share permissions.

Share permissions are only applied for remote users, along NTFS permissions. There are only three: Full Control, Change, Read.

πŸ”’ They use the CIFS protocol.

➑️ Shares are mostly used with Network Attached Storage (NAS), Storage Area Network (SAN), or Active Directory.

πŸ‘» To-do πŸ‘»

Stuff that I found, but never read/used yet.

  • Windows installer files (also known as .msi files) are used to install applications on the system.
  • Hyper-v
  • PowerToys