You know the basics—ipconfig, ping, tasklist. But when systems are burning at 2 AM and your usual toolkit isn't cutting it, you need the deep cuts. The commands that Microsoft tucked away in corners most admins never explore.
I've been troubleshooting Windows systems for years, and some of my biggest "wow, that actually worked" moments came from commands I stumbled across by accident. These aren't your everyday utilities—they're the specialized tools that can turn a mystery problem into a solved ticket.
The Reality of Windows Troubleshooting
Let's be honest about what really happens when complex issues hit. You try the obvious stuff first: restart services, check event logs, run the standard network commands. But sometimes those standard tools just aren't enough.
That's when you need these hidden gems—commands that dive deeper into Windows internals, reveal information the GUI won't show you, and fix problems that would otherwise require a full reinstall.
System Information and Diagnostics
1. msinfo32 - The Ultimate System Overview
msinfo32 /report C:\system_report.txt
This creates a comprehensive system report including hardware, software, and system configuration. Way more detailed than what you see in System Properties. Perfect for remote troubleshooting when you need complete system specs.
2. systeminfo - Command Line System Details
systeminfo | findstr /B /C:"OS Name" /C:"OS Version" /C:"System Boot Time"
Gets detailed system information without opening GUI tools. The findstr filters show only the most critical info. Great for quick system checks in scripts.
3. wmic - Windows Management Interface (Before It Dies)
wmic computersystem get manufacturer,model,name,domain
wmic bios get serialnumber
Query almost anything about the system. Since WMIC is deprecated, learn these now before you have to migrate to PowerShell equivalents.
4. winver - Exact Windows Version
winver
Shows the precise Windows version and build number. More accurate than what System Properties shows, especially for insider builds and specific updates.
Network Troubleshooting Deep Cuts
5. netsh winsock reset - Fix Broken Network Stack
netsh winsock reset
netsh int ip reset
When network connectivity is completely broken but the hardware seems fine, this resets the entire network stack. Has saved me from countless reinstalls.
6. netsh interface show interface - Interface Status
netsh interface show interface
netsh interface set interface "Local Area Connection" admin=disable
netsh interface set interface "Local Area Connection" admin=enable
Shows all network interfaces and their status. Perfect for remotely enabling/disabling network adapters when GUI isn't available.
7. arp -a - See Network Neighbors
arp -a
arp -d *
Shows the ARP table—what devices your computer has recently communicated with. The second command clears the ARP cache, useful for resolving connectivity issues.
8. nbtstat -n - NetBIOS Information
nbtstat -n
nbtstat -a computername
Shows NetBIOS names and resolves NetBIOS issues. Still relevant in many corporate environments with legacy applications.
File System and Disk Management
9. sfc /verifyonly - Check System Files Without Fixing
sfc /verifyonly
sfc /scannow
The /verifyonly switch checks system file integrity without attempting repairs. Run this first to see if you actually need the full scan and repair.
10. chkdsk /f /v - Verbose Disk Check
chkdsk C: /f /v
The /v switch provides verbose output showing exactly what files are being checked. Helps you understand what's actually happening during the scan.
11. compact - File Compression Management
compact /c /s:C:\temp
compact /u /s:C:\temp
Compress or uncompress files and folders to save disk space. The /s switch applies to subdirectories. Useful when disk space is critically low.
12. fsutil - File System Utilities
fsutil dirty query C:
fsutil volume diskfree C:
Low-level file system operations. dirty query shows if a volume is marked for chkdsk at next boot. diskfree shows exact disk space information.
Process and Performance Monitoring
13. tasklist /svc - Services Running in Each Process
tasklist /svc
tasklist /fi "memusage gt 100000"
Shows which services are running in each process. The filter example shows only processes using more than 100MB of RAM. Essential for tracking down resource hogs.
14. wmic process - Advanced Process Information
wmic process where "name='chrome.exe'" get processid,commandline
wmic process where "processid=1234" get parentprocessid,name
Get detailed information about processes including command line arguments and parent processes. Great for tracking down suspicious processes.
15. typeperf - Real-time Performance Counters
typeperf "\Processor(_Total)\% Processor Time" -sc 10
typeperf "\Memory\Available MBytes" -sc 5
Command-line performance monitoring. Shows real-time CPU usage, memory, disk I/O, etc. The -sc parameter limits the number of samples.
Registry and Configuration
16. reg query - Read Registry Without GUI
reg query "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion" /v ProductName
reg query "HKCU\Software\Microsoft\Windows\CurrentVersion\Run"
Query registry values from command line. Second example shows startup programs for current user. Essential for remote troubleshooting.
17. whoami /all - Complete User Information
whoami /all
whoami /groups
Shows current user's complete security context including group memberships and privileges. Critical for troubleshooting permission issues.
18. gpresult /r - Group Policy Information
gpresult /r
gpresult /h C:\gp_report.html
Shows applied group policies for current user and computer. The /h switch creates an HTML report that's much easier to read.
Security and User Management
19. cipher - Encryption and Secure Deletion
cipher /w:C:\temp
cipher /e /s:C:\confidential
The /w switch securely wipes deleted data from free space—crucial for security. The /e switch encrypts files and folders.
20. net session - Active Network Sessions
net session
net session \\computername /delete
Shows active network sessions to the local computer. Useful for seeing who's connected to shared resources and for forcibly disconnecting sessions.
Pro Tips for Using These Commands
Always run as administrator when possible. Many of these commands require elevated privileges to show complete information or make changes.
Combine commands with findstr to filter output:
systeminfo | findstr /i "boot time"
tasklist | findstr /i "chrome"
Redirect output to files for documentation:
msinfo32 /report C:\logs\system_$(date).txt
systeminfo > C:\logs\sysinfo.txt
Use these in batch scripts for automated troubleshooting:
@echo off
echo System Information Report
echo =====================
systeminfo | findstr /B /C:"OS Name" /C:"System Boot Time"
echo.
echo Network Configuration
echo ===================
netsh interface show interface
When to Use These Commands
These aren't everyday tools—they're your troubleshooting arsenal for when standard methods fail. Use msinfo32 when you need complete system documentation. Deploy typeperf when performance issues are intermittent. Leverage cipher /w when dealing with sensitive data cleanup.
The key is knowing they exist before you need them. When you're troubleshooting a complex issue at 2 AM, these commands can be the difference between a quick fix and an all-night debugging session.
Building Your Command Arsenal
Start by testing these commands in a lab environment. Some of them can make significant changes to system configuration, so understand what they do before using them on production systems.
Create a personal cheat sheet with the commands most relevant to your environment. Not every command will be useful in every situation, but having them ready when you need them is invaluable.
The Bottom Line
Windows has hundreds of built-in troubleshooting tools that most admins never discover. These 20 commands represent just the tip of the iceberg—powerful utilities that can solve problems the GUI can't even detect.
The best troubleshooters aren't necessarily the ones with the most expensive tools. They're the ones who know how to extract information from the system using whatever's available. These commands give you that capability.
Which of these commands surprised you? Have you discovered any hidden Windows utilities that saved the day? I'd love to hear about your favorite troubleshooting commands that aren't in this list.
Remember—the goal isn't to memorize every command, but to know they exist when you need them. Because when systems are down and users are calling, having the right tool can make all the difference.
Forward this to a fellow admin who needs these commands.