Nov 252014
 

What’s ResourceDigger?

Wrote a utility (long back) for displaying resources from binary files, recently did some modifications as well. We know visual studio does provide a similar functionality but this one’s better with respect to viewing resources. You can view as many resource files as you like (haven’t put a limit). You can drag and drop folders or binaries into the application to get them loaded. Loads up any binary as long LoadLibrary succeeds. Quite useful for a quick view of resources in a binary file, will add editing of resources in the next version of this tool. Hope this helps.

Here is a screenshot of how the tool looks…

ResourceDigger: Application Screenshot

How to use ResourceDigger

Easy to use. Just drag and drop a folder or a bunch of executables. Or…
To load an executable press Ctrl + L or Load Exe toolbar button

ResourceDigger: Load Executable

To load a folder press Ctrl +D, or Scan Folder toolbar button. Select “Load Sub Directories” if you want to recurse into sub-directories.

ResourceDigger: Load a folder of resources

What features are supported in ResourceDigger

Some of the features supported by the application…

  • Viewing animated gifs, normal gifs, pngs, jpegs, bmps, HTML files, manifest files.
  • Display group icons, cursors with detailed description of each of them… See screenshot…
    ResourceDigger: Icon Group Display
  • Friendly display of accelerator table, a good way to know all the shortcuts provided by an application…
    ResourceDigger: Accelerator Resource
  • Friendly display of string table…
    ResourceDigger: String table resource
  • Displays resources in all available languages
    ResourceDigger: Multi Languages Resource
    ResourceDigger: Multi Language Dialog Resource
  • Animated view of AVI file. With a toolbar to control frames in the AVI file.
    ResourceDigger: Version Resource
  • Version display… (there are few issues, I’m working on them)
    image
  • Clear view of registry resources…
    ResourceDigger: Registry Resource
  • Toolbar resource view…
    ResourceDigger: Toolbar Resource
  • Menu resource display…
    ResourceDigger: Menu Resource
  • Hex display of custom resources…
    ResourceDigger: Hex display of unknown resources

Known Issues

  • Hangs up if you give a folder with a humungous list of binaries.
  • This is not multithreaded so just be patient until resources finish loading.

Tips

Press ‘*’ on a particular node to expand all its child nodes.

Download Link (rename from .Jpg to .exe)

Do let me know your suggestions…

Nov 052014
 

What’s a Command Prompt?

This is the line of text prefixed automatically by the environment to the command you’re writing for an e.g. see below screenshot…

Customizing Command Prompt

How Can I Customize The Command Prompt?

Microsoft provides a built in command named as Prompt. As the name suggests this just help customize the prompt text shown in a command window. See the help for this command…

c:\Windows\System32>prompt /?
Changes the cmd.exe command prompt.

PROMPT text

text    Specifies a new command prompt.

Prompt can be made up of normal characters and the following special codes:

$A   & (Ampersand)
$B   | (pipe)
$C   ( (Left parenthesis)
$D   Current date
$E   Escape code (ASCII code 27)
$F   ) (Right parenthesis)
$G   > (greater-than sign)
$H   Backspace (erases previous character)
$L   < (less-than sign)
$N   Current drive
$P   Current drive and path
$Q   = (equal sign)
$S     (space)
$T   Current time
$V   Windows version number
$_   Carriage return and linefeed
$$   $ (dollar sign)

If Command Extensions are enabled the PROMPT command supports
the following additional formatting characters:

$+   zero or more plus sign (+) characters depending upon the
depth of the PUSHD directory stack, one character for each
level pushed.

$M   Displays the remote name associated with the current drive
letter or the empty string if current drive is not a network
drive.

Some Killer Sample Prompt Commands and Their Output

Please refer above help to figure what every character after the $ mean…

  • Command: prompt ——$G$P$G
    • New Prompt: ——>c:\Windows\System32>
  • Command: c:\Windows\System32>prompt $V$G$P$G
    • New Prompt: Microsoft Windows [Version 6.3.9600]>c:\Windows\System32>
  • Command: c:\Windows\System32>|>prompt $P$G$B$+$G
    • New Prompt: c:\Windows\System32>|>.
      The above prompt adds a ‘+’ sign for every pushd you do and removes the last ‘+’ after a popd. See below…
  • c:\Windows\System32>|>pushd c:\
    c:\>|+>pushd e:\
    e:\>|++>popd
    c:\>|+>popd
    c:\Windows\System32>|>
  • Funky Command:  prompt ╔═════════════════════╗$_║$P:$G$+║$_╚═════════════════════╝$_
    • New Prompt:
      ╔═════════════════════╗
      ║c:\Windows\System32:>║
      ╚═════════════════════╝

This just shows that you can customize the prompt to some extent. Above prompt will be ok if the current directory path is a small one but once it gets bigger you’ll have to adjust the square…

How to Make the Command Prompt Permanent?

Your custom command prompt will stick only for this session of cmd. If you start another instance of a cmd.exe you’ll end up seeing the default value or the one that’s setup elsewhere (as shown below).

So the question is how do we setup a command prompt that stays across sessions? Via the environment variable PROMPT. See below for my case…

Permanently Customizing Command Prompt

My personal favorite prompt is the one set by following command…

PROMPT $P$G$_$$$G

To set this as your prompt you can add an environment variable called PROMPT. Open environment variable window and then add the value as shown below…

Permanently Customizing Command Prompt

So now if you open a cmd instance you should see the following prompt…

Permanently Customizing Command Prompt

How do I revert my changes to the Command Prompt?

Valid question. To revert back to the original prompt, just type in command PROMPT without any arguments. You should see the prompt revert back to default. You might also want to remove the environment variable PROMPT else for next session you’ll again see the prompt you’ve setup.

Oct 212014
 

What’s Fsutil?

Fsutil is a Windows command line utility to help manage FAT and NTFS file systems. Common uses of this command is to…

  • Manage 8dot3name filenames, remove all short names in a folder.
  • View disk details
  • Query file system parameters
  • Dismounting volumes
  • Turning on last access time stamp on NTFS volumes
  • Figuring out file links
  • etc

I’ll be showing you few sample commands using Fsutil.

How to manage 8dot3name filenames using Fsutil?
Query 8dot3name filename status…

C:\>Fsutil 8dot3name query
The registry state is: 1 (Disable 8dot3 name creation on all volumes).

Scan registry to figure impact if 8dot3name filenames were removed from a directory

C:\>Fsutil 8dot3name scan /s c:\users\username\documents
Scanning registry…
<snip>

Enable or Disable 8dot3name file creation

C:\>Fsutil 8dot3name set
usage : set [0 through 3] | [<Volume Path> 1 | 0]

When a volume is not specified the operation updates the registry value:

0 – Enable 8dot3 name creation on all volumes on the system
1 – Disable 8dot3 name creation on all volumes on the system
2 – Set 8dot3 name creation on a per volume basis
3 – Disable 8dot3 name creation on all volumes except the
system volume

When a volume is specified the operation updates the individual
volume’s on disk flag.  This operation is only meaningful
if the registry value is set to 2.

0 – Enable 8dot3 name creation on this volume
1 – Disable 8dot3 name creation on this volume

This operation takes effect immediately (no reboot required).

Sample commands:
“Fsutil 8dot3name set 1”      – disable 8dot3 name creation on all volumes
“Fsutil 8dot3name set C: 1”   – disable 8dot3 name creation on c:

Strip a folder of 8dot3name file names

C:\>Fsutil 8dot3name strip
Usage : Fsutil 8dot3name strip </t> </s> </f> </l log file> </v> DirectoryPath

This command permanently removes 8dot3 file names from your volume. It will
list the registry keys pointing to the stripped 8dot3names but will not modify
the affected registry keys. Stripping will not be performed on files with full
path names longer than the maximum path length of 260 characters.

***WARNING***
If there are affected registry keys and you decide to use the override
switch /f, it is recommended that you backup your volume as it may lead to
unexpected application failures, including the inability to uninstall.

/t – Test mode – specifies that all operations should be performed
except the actual stripping of the file names.
/s – Recurse mode – specifies that this operation should also be
applied to subdirectories.
/f – Force mode – specifies that the directory should be stripped even
if there are registry conflicts.
/v – Verbose mode – specifies that all information logged should also
be printed out to the console.
/l – Specifies a log file to write to.  This must be followed by a path to the
log file.  If this option is not specified the log file will be:
“%temp%\8dot3_removal_log@(GMT YYYY-MM-DD HH-MM-SS).log”

Sample command:
Fsutil 8dot3name strip /l mylogfile.log /s D:\MyData

Modifying filesystem behavior using Fsutil

Queries or sets NTFS volume behavior, which includes:

  • The last access time stamp on NTFS volumes
  • How often quota events are written to the system log
  • The internal cache levels of NTFS paged pool and NTFS non-paged pool memory
  • The amount of disk space reserved for the master file table (MFT) Zone
  • The silent deletion of data when the system encounters corruption on an NTFS volume.
Disable8dot3 file system behavior using Fsutil

Sample commands…

C:\>Fsutil behavior set Disable8dot3 1
The registry state is now: 1 (Disable 8dot3 name creation on all volumes).

C:\>Fsutil behavior set Disable8dot3 0
The registry state is now: 0 (Enable 8dot3 name creation on all volumes).

Disable or Enable LastAccess timestamps on files using Fsutil

Sample commands…

C:\>Fsutil behavior set DisableLastAccess 1
DisableLastAccess = 1

You should now see LastAccess timestamp enabled on your files

C:\>Fsutil behavior set DisableLastAccess 0
DisableLastAccess = 0

LastAccess timestamp is now disabled for your files.

Sample SymlinkEvaluation command using Fsutil

C:\>Fsutil behavior set SymlinkEvaluation L2L:1 L2R:0
– Will enable local to local symbolic links and disable local to
remote symbolic links. It will not change the state of remote to
remote links or remote to local links.
– This operation takes effect immediately (no reboot required)

Using Fsutil to manage volumes

C:\>Fsutil volume
—- VOLUME Commands Supported —-

diskfree            Query the free space of a volume
dismount            Dismount a volume
querycluster        Query which file is using a particular cluster
filelayout          Query all the information available about the file
allocationreport    Allocated clusters report

How to view free disk space using Fsutil

C:\>Fsutil volume diskfree
Usage : Fsutil volume diskfree <volume pathname>
Eg : Fsutil volume diskfree C:

File usage on clusters using Fsutil

To find the file(s) that are using the clusters, specified by the logical cluster numbers 200 and 0x1000, on drive C, type:

C:\>Fsutil volume querycluster C: 200 0x10000
Cluster 0x0000000000010000 used by —-D \Users\nthomas\AppData\Local\Microsoft\Windows\INetCache\IE\Microsoft.VisualStudio.Data.Tools.Package.resourcesT8HR0EQA.HTM::$DATA
Cluster 0x00000000000000c8 used by —-D \Windows\WinSxS\ia64_microsoft.vc90.debugcrt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_2a4c9d845558f4b7\msvcr90d.dll::$DATA

Using Fsutil to manage files

Usage…

fsutil file [createnew] <FileName> <Length>
fsutil file [findbysid] <UserName> <Directory>
fsutil file [queryallocranges] offset=<Offset> length=<Length> <FileName>
fsutil file [quaeryfileid] <FileName>
fsutil file [queryfilenamebyid] <Volume> <Fileid>
fsutil file [setshortname] <FileName> <ShortName>
fsutil file [setvaliddata] <FileName> <DataLength>
fsutil file [setzerodata] offset=<Offset> length=<Length> <FileName>

More on Fsutil can found on TechNet: http://technet.microsoft.com/en-us/library/cc753059.aspx

Oct 142014
 

Introduction to MiniDumpWriteDump

In this post, let me show you some sample code to create a full memory dump of any given process using the Windows API MiniDumpWriteDump.

Creating Full Memory Dumps using MiniDumpWriteDump

Here’s some sample code to create a full memory dump of any given process. Just call WriteFullDump(hProcessHandle). This process handle must have PROCESS_QUERY_INFORMATION and PROCESS_VM_READ access to the process. If handle information is to be collected then PROCESS_DUP_HANDLE access is also required.

Please test out before production use. Just some quick code that I was writing up for a customer.

#include <tchar.h>
#include <windows.h>
#include <DbgHelp.h>

using namespace std;

#pragma comment (lib, "dbghelp.lib")

void WriteFullDump(HANDLE hProc)
{
   const DWORD Flags = MiniDumpWithFullMemory |
   MiniDumpWithFullMemoryInfo |
   MiniDumpWithHandleData |
   MiniDumpWithUnloadedModules |
   MiniDumpWithThreadInfo;

   HANDLE hFile = CreateFile(_T("F:\\main.dmp"), GENERIC_ALL, 0, nullptr, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, nullptr);
   if (!hFile)
   {
     std::cerr << _T("Failed to write dump: Invalid dump file");
   }
   else
   {
     BOOL Result = MiniDumpWriteDump( hProc,
                                      GetProcessId(hProc),
                                      hFile,
                                      (MINIDUMP_TYPE)Flags,
                                      nullptr,
                                      nullptr,
                                      nullptr );

     CloseHandle(hFile);

     if (!Result)
     {
        std::cerr << _T("Looks like an error: MiniDumpWriteDump failed") ;
     }
   }// End if

   return;
}

Significance of MiniDumpWriteDump flags

What gets into a process’ memory dump is determined by the flags we pass in to MiniDumpWriteDump API. The code that I’ve given produces the biggest dumps possible for a process. The output dump file in this case will have the entire process’ memory, modules, registers, thread information, unloaded module information, and process handle related information.

For our case we’ve given these five flags, this will just basically copy everything from a process’ virtual address space into a dump. Comment out any flags if you’re not interested in that information, for e.g. if you don’t need information on the handles in a process just comment out: MiniDumpWithHandleData.

MiniDumpWithFullMemory |
MiniDumpWithFullMemoryInfo |
MiniDumpWithHandleData |
MiniDumpWithUnloadedModules |
MiniDumpWithThreadInfo;

References

http://msdn.microsoft.com/en-us/library/windows/desktop/ms680360(v=vs.85).aspx

Oct 072014
 

Introduction

There are several known folders in Windows. They are as follows…

  • Desktop
  • Documents
  • Pictures
  • Videos
  • Music
  • Downloads

Below screenshot will demonstrate these folders further…

image

By default these folders are put in under the users directory, for e.g.

  • Desktop: c:\users\<username>\Desktop\
  • Documents: c:\users\<username>\Documents\
  • Pictures: c:\users\<username>\Pictures\
  • Music: c:\users\<username>\Music
  • etc

So why should we change this path?

In my case I had a need to put all these folders under my root folder, i.e. I normally keep a folder structure like D:\NibuRoot\. This helps me to…

  • Put all my files under one folder so that they’re not scattered around.
  • Ease of access
  • Easy to backup, I use beyond compare for backing up.
  • Data stays intact in case of OS corruption as mostly this folder will be in a different partition
  • Ease of use from Explorer and Run dialog. Explorer follows suit.
  • All your Visual Studio Projects are moved to this location as well. All future projects are now created under this folder as well. One primary reason I change the default location.

How to Change the Default Location of the Documents folder?

So I’ll show you a demo for the Documents folder. You can follow the same process for other folders as well…

  1. Open Windows Explorer (Windows Key + E) or just open up any folder.
  2. You should see following list of folders in the left hand side Navigation Pane of Windows Explorer
    image
  3. Right click on the Documents folder, select ‘Properties’.
  4. The folder property dialog pops up, please select ‘Location’ tab as shown below…
    image
  5. Click the ‘Move’ button.
  6. Select/Create a new folder.
  7. Your selection should show up in the ‘Location’ tab. Please verify it indeed does.
    image
  8. Anytime to revert back to the original folder location select ‘Restore Default’.
  9. Please note, once you click ‘Apply’, following dialog pops up. Prompts you to move all the data in the existing ‘Documents’ folder to your new ‘Documents’ folder. Cool isn’t it?
    image
  10. Follow the recommendation.
  11. Yep, that’s it. Now the default path of ‘Documents’ folder has changed to your selection. So now if you type in ‘Documents’ in the Windows run dialog, your new ‘Documents’ folder will open up. Similarly from explorer as well.

Conclusion

This is how we change the default folder path of ‘Documents’ folder. Steps are identical for other folders as well.

Oct 032014
 

Introduction

In this post we will talk about some apparent changes in Windows 10.

New Start Menu

Phew what a RELIEF! We finally got our start menu back and its much better as well. Few options that stares at you straightaway…

  • Shutdown button at the top of the start menu
  • Live Tiles (you can decide what you want on the start menu)
  • Search toolbar
  • All Apps button (quite similar to windows 7)
  • So far my Windows 8 apps (like Visual Studio) continue to work on Windows 10. Relieved!
  • Resize start menu. Adding live tiles could automatically increase the size of your start menu.

Windows 10 Start Menu

Customizing Start Menu Live Tiles

Just right click on a tile and you will see following menu of options come up. The options names are self explanatory.

Windows 10 Start Menu Live Tile Customization

Change color of Start Menu

To personalize your start menu, task bar, window title bars etc. Just right click on an empty area on the start menu. You’ll following see following menu popup. Select a color and click “Save Changes’’ on the resultant color chooser dialog and you’re good to go. I changed to Pink and you’ll see the effect in this clipped shot: background is pink.

image

Start Menu/Screen

Goto taskbar properties and select “Start Menu” tab.

image

Multiple Desktops (Tasks View)

Press Window Key + Tab, You should see following…

image

Multiple desktops

image

How to Close a Desktop

Just hover your mouse a desktop after pressing Windows Key + Tab. You’ll get red close button on the top of that desktop preview.image

Another alternative to show up multiple desktops is to click the Task View button on the Windows TaskBar. See highlighted shot…

image

TaskBar pins Apps across Desktops

If apps are displayed on other desktops then the icon for that will remain across desktops. You will get a small rectangle towards the left of that icon as highlighted below. Just hover your mouse over there and it will show up a list of apps running. Hover over there and then click on respective thumbnail that pops up and it will take you to the desktop where the app is running.

image

Move Apps to another Desktop

In task view, right click on an application main window and, you’ll get following options. Move apps to different desktops…

image

Changes to Windows Explorer

Obvious changes are the name: “Home”. You can play around. You’ll also see a “Share” button as well. There’s a recent folder under favorites which is quite useful as well.

imageimage

Snap Applications to Four Corners of Desktop

This isn’t playing well so far but mostly if you drag an application window to a corner you’ll see a ghost outline which indicates how it’s going to snap, release mouse cursor and the application with snap in place. Alternatively window taskbar provides a way as well, which I’ve been using for long time now. This is there in Windows 8 as well.

image

Oct 082013
 

Map Network Drive Dialog

This how the map network drive dialog look like. So how do we show this dialog programmatically?

Map Network Drive

Map Network Drive Dialog

 

Programmatically invoking Map Network Drive dialog

The windows API’s for showing this dialog is: WNetConnectionDialog and WNetConnectionDialog1. I’ve demonstrated both WNetConnectionDialog and WNetConnectionDialog1 in this code snippet. WNetConnectionDialog is a simple API which takes a window handle and a DWORD. While WNetConnectionDialog1 is an API which provides few more parameters along with the flexibility to set up different options. Here’s the code…

#pragma comment(lib, "Mpr.lib")
void PrvMapNetworkDrive(LPTSTR lptszNetworkPath)
{
    CONNECTDLGSTRUCT condlg = { 0 };
    condlg.cbStructure = sizeof(condlg);
    condlg.hwndOwner = GetConsoleWindow();
    condlg.dwFlags =  CONNDLG_USE_MRU;

    NETRESOURCE nr = { 0 };
    nr.dwScope = RESOURCE_GLOBALNET;
    nr.dwType = RESOURCETYPE_DISK;
    nr.lpRemoteName = lptszNetworkPath;
    nr.dwDisplayType = RESOURCEDISPLAYTYPE_DOMAIN;

    condlg.lpConnRes = &nr;

    const int RetVal = WNetConnectionDialog1(&condlg);
    //const int RetVal = WNetConnectionDialog(GetConsoleWindow(), RESOURCETYPE_DISK);

    switch(RetVal)
    {
    case ERROR_INVALID_PARAMETER:
        cerr << "Error: invalid parameter";
        break;
    case ERROR_BAD_DEV_TYPE:
        cerr << "Error: Bad device type";
        break;
    case ERROR_BUSY:
        cerr << "Error: Busy";
        break;
    case ERROR_NO_NETWORK:
        cerr << "Error: No network";
        break;
    case ERROR_NOT_ENOUGH_MEMORY:
        cerr << "Error: Not enough memory";
        break;
    case ERROR_EXTENDED_ERROR:
        {
            DWORD Err = 0;
            TCHAR ErrBuf[MAX_PATH] = {0};
            TCHAR NameBuf[MAX_PATH] = {0};
            WNetGetLastError(&Err, ErrBuf, MAX_PATH, NameBuf, MAX_PATH);
            cerr << "Error: " << ErrBuf;
        }
        break;
    case NO_ERROR:
        cout << "No error";
        break;
    default:
        break;
    };// End switch
}// End PrvMapNetworkDrive

I’ve added basic error checks, you’ll have to test this out properly before production usage.

Oct 042013
 

You’re not going to believe that you have a screen capture tool built into your operating system. LOL yes, its called PSR.exe. PSR stands for Problem Steps Recorder. The ideal usage of this tool is as follows…

  • Capture repro steps (screenshots) for a bug and to send it your customer
  • Capture screenshots for a particular scenario and send it your colleague
  • Capture screenshots on how to use a tool and send to your parents Smile

Its one easy tool to use. I guess its been there since XP. To run this tool go to the “Run” dialog via (Window Key + R). Type in PSR as shown below…

image

LOL, that’s it? Yep Open-mouthed smile.

Press enter, you’ll see the following dialog pop up…

image

Now all you need to do is to click “Start Record”. Once you do that this is how the dialog will look like…

image

Please note that every time you ‘click’, a screenshot is taken, otherwise no screenshots are taken. Once you are done just say “stop record”, you’ll see the following dialog popup, this dialog will have details of all the actions you did along with screenshots. Every screenshot is titled with a detailed description of what you did.

image

You can review your actions (Review the recorded steps as a slide show ) in slideshow, you can review your actions in “Text” format (click on “Review the additional details”). Note that every step is labeled with a number, for e.g. “Step 1”.

The other feature is that you can add comments to your screenshots via “Add Comment” button while recording.

PSR also provides a settings dialog where can you can turn off Screen capture. Once screen capture is off in your output you’ll just see text as shown below…

Recording Session: ‎10/‎4/‎2013 4:30:50 PM - 4:31:00 PM

Recorded Steps: 8, Missed Steps: 0, Other Errors: 0

Step 1: User left click on "File (menu item)" in "Untitled - Notepad"
UI Elements: File, Application, Untitled - Notepad, Notepad

The best part is yet to come. When you save, it saves all these details in a zip file. Send it to your customer, your team mates or your parents/family. Once you unzip the file, you’ll get just an “mht” file.

image

Just double click and run, should ideally open up in IE. This is how it looks for me…

image

Your customer or colleague can view screenshots as a slideshow or they can scroll down and view screenshots. I’m using PSR these days. Thought I’ll share this with you folks as well.

Sep 302013
 

Download: http://technet.microsoft.com/en-us/sysinternals/bb896656.aspx

SysInternals product suite has an application called listdlls which helps in listing/searching for dlls loaded in a process. This tool is useful in the following scenarios.

  • List all dlls used in a process or within all processes…
  • List all processes using a particular dll
  • List all unsigned dlls
  • List all relocated dlls
  • List dlls along with their version number
  • Listing can be done via process id/process name.
Sample usage:

List the DLLs loaded into winword.exe, including their version information:
listdlls -v winword

Show processes that have loaded kernel32.DLL:
listdlls -d kernel32.dll

listdlls also kind of help in figuring out malware’s by helping in searching for unsigned dll’s. I didn’t know I had an unsigned module in my application execution list when executing the tests for writing this blog, As soon as I found one, renamed and quarantined the suspicious file. Note that not all unsigned modules are malware’s but there is a high chance for it to be a malware.

listdlls –u

listdlls is useful to locate relocated modules. The following command lists out all relocated modules in a given process. If you remove process name its going to list out relocated modules of all processes.

listdlls –r

Just above a relocated module (in the output generated) you’ll find the following line of text.

  ### Relocated from base of 0x00400000:
0x0000000001ba0000  0x26000   C:\windows\CCM\sqlceer35EN.DLL

Another piece of information generated in the output by listdlls is the command line for a process, which is very useful information. Also note that Process Explorer also does something similar in searching for a module loaded by a process, but this one’s quick and to the point. Enjoy!

Sep 242013
 

Default Settings for Command Prompt

The default command prompt setting on Windows is pretty limited. Some limitation that I found while working on the command prompt is as follows…

  • Screen buffer size is very little. This means output of commands like ‘tree’ will not show up entirely in the command prompt. Once you scroll up you’ll not see the whole text. As a workaround you’ll have to redirect output to a text file.
  • Same with horizontal text, the text wraps around once the text touches the horizontal screen limit. I find this behavior annoying since this reduces readability.
  • Color is black and white. Its always cool to have different colors. I normally have dark red as background and white as foreground color.
  • Window size is limited. When you maximize command prompt it will only take half the screen size horizontally.
  • Its so painful to copy and paste. I want this feature to behave as in text editors like notepad. For e.g. just drag to select, instead of right clicking and selecting the “Mark” option.

After Customization of Command Prompt

Its very easy to customize our good old command prompt so that it stores more text vertically as well as horizontally. We can easily give good colors, better height and width etc. After customization this is how my command prompt looks in normal mode.

Command Prompt

Keep an eye on the scrollbar. The scrollbar thumbs are very small in size meaning they can scroll a lot more, which means more text. If you maximize the command prompt it occupies the entire screen as well.

Command Prompt Full Screen

If you look at the above output and the vertical scrollbar, I still have lots of screen buffer. If I scroll up I still see the command’s entire output. Isn’t this cool.

Copying and pasting is easy as well. Drag to select, right click on the selected area to copy and right click again to paste Smile. LOL that’s real cool. The selection is a free selection, always selects as a rectangle. See screenshot below…

Command Prompt with Selected Text

How to Customize Command Prompt

The whole customization lies in the command prompt’s system menu. Click on the dark icon at the far left corner, i.e. the system icon, of command prompt, select “Properties”. You should see a properties dialog popup.

To customize selection, copy, paste behavior check the “Quick edit” checkbox…

Command Prompt Properties Dialog: Options

To customize Font select appropriate fonts on the “Font” tab. This is how mine looks.

Command Prompt Properties Dialog: Font

To customize color, select appropriate colors in the “Colors” tab. This is how mine looks…

Command Prompt Properties Dialog: Colors

Please note there is a screen background and a popup background. Also there is a “Screen Text” and “Popup Text”. Screens stands for command prompt background, while popup stands for popup command dialogs, for e.g. press F7, the command history ‘popup’ window pops up…

Command Prompt Popup Dialog

Now comes my favorite, increasing the screen buffer size, or increasing the text buffer size of command prompt. This setting controls how much text the command prompt can hold. Please select the layout tab in the command prompt..

Command Prompt Properties Dialog: Layout

I’ve set the “Screen buffer Size” field values to high values so that it can hold as much text as possible. You can set your own values based on your preferences.

Hope this helps you in some way. Smile