A system administrator needs the right tools for the job at hand. In this video, you’ll learn about important Windows utilities like regedit, msinfo32, System Restore, and more.
When you’re using the Windows graphical user interface, there are a number of icons on the desktop that you can use to start applications. But there are also ways to start applications from the run line. This run line allows you to start applications by typing in the name of the app. You can see this in Windows 10, Windows 8, and Windows 7. You can click the Run or the Search option to be able to type in the name of the utility, rather than going through menus or clicking an icon on your desktop.
You can also start a number of these utilities directly from the Windows command line. You can bring up a Windows command line by typing cmd at that run line. And from there, you can start a number of different utilities by typing in the name of the utility and then pressing Enter. There’s a lot of power at the command line. And as you become more familiar with this environment, you’ll find that it’s much faster to do a number of tasks at the command line, rather than doing this in the graphical user interface.
To be able to configure different parts of the Windows operating system or the applications that are running under Windows, you’ll use the registry. The Registry Editor can be started from the command line by typing regedit. The registry is a large hierarchical database that is used by almost every aspect of Windows. If you need to make minor changes to a service or an application, you’ll find that you’ll be using the registry to be able to make those changes.
This means that there may be times when Microsoft or an application developer may ask you to make changes to this registry. A good best practice is to back up a portion of that registry, called a hive, into a separate file. That way, if your changes cause a problem, you can easily revert to the previous configuration.
Here’s the Registry Editor running on my Windows 10 desktop. And this looks the same whether in Windows 7, Windows 8, or Windows 10. On the left side are the HKEYs. HKEY is a shortcut for Handle to Registry Key. And there are a number of different categories of HKEYs. There’s one for CLASSES ROOT, CURRENT USER, LOCAL MACHINE, USERS, and CURRENT CONFIG. This is a hierarchical structure, so I can choose one of these settings and then drill down further from there.
For example, if we choose HKEY LOCAL MACHINE, you can see there’s DRIVERS, HARDWARE, SAM, SECURITY, SOFTWARE, and others. Let’s choose the SOFTWARE option. And you can see options here for Google and Intel, Microsoft and others. If we choose Microsoft, we get a number of different options.
And I’m going to type in Notepad. And as I start typing that in, it moves down to the Notepad option. Inside of Notepad is an option for DefaultFonts. And you can see there are a number of registry names, registry types, and registry data for that particular registry setting. For example, there is a registry entry for lfFaceName, which allows me to change the default typeface inside of Notepad. If I double click, I can change that value data to be whatever typeface I would like.
Before making any changes to this registry, let’s select the File pull-down menu and choose Export. This allows me to export information directly from the registry into a file that I can put anywhere on my storage drive. So let’s add a registry file onto my desktop called notepad-registry. And I’ll click Save. And now, you can see that notepad registry information has been added to my desktop.
I can now make changes into that particular hive. And if I find that I’ve made a mistake, I can double click that registry file. And Windows will prompt me to reload that information back into the registry, so that everything is exactly the way it was before we started.
Let’s make some changes to the registry. But let’s back up those changes so we don’t lose any of this information. Under this DefaultFonts hive, I’m going to click the File pull-down menu and choose Export. And I’m going to make this the notepad-default-fonts.reg file. And I’m going to save it right here on my desktop. And now you can see that file is listed right there.
If we start Notepad, you’ll see the default typeface is Consolas. Exactly what it says in the registry. Let’s close out this Notepad. And let’s change that typeface by double clicking on the name. And let’s change it to Courier. And I’ll click OK.
Now if we start Notepad, you’ll see that the typeface is quite different. It’s the Courier typeface. That may not be exactly what we want. And if we do make a change like this, especially if there are multiple registry changes, it may take some time to go back to determine what we changed and how we may be able to revert back to the previous configuration.
In this case, we already saved the registry information. So if we double click this .reg file, Windows says that this will be making changes to our device. We say Yes. And it tells us that adding information can unintentionally change or delete values and cause components to stop working correctly. If you do not trust the source of this information, do not add it to the registry. Since we personally saved this registry file, we can trust it. So we’ll click Yes. And it says that the keys and values contained in that registry file have been added to the registry.
And if you watch this Courier, when we click OK, it now has changed back to Consolas. And if we start up our Notepad and type in some text, you can see that the typeface has changed back to the original setting.
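The same export, change, and restore sequence can be run from an elevated PowerShell prompt. This is an added example, not part of the original video; the key path follows the one walked through above, and the helper function names and the file-hash check before import are assumptions made for illustration.

```powershell
# Added example. Run from an elevated PowerShell session (the key is under HKLM).
$Key   = 'HKLM\SOFTWARE\Microsoft\Notepad\DefaultFonts'   # key walked through above
$PsKey = "Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Notepad\DefaultFonts"

function Export-KeyBackup {            # hypothetical helper name
    param([string]$RegKey, [string]$Path)
    reg.exe export $RegKey $Path /y | Out-Null
    if ($LASTEXITCODE -ne 0) { throw "reg export failed for $RegKey" }
    # Record the hash so the file can be checked before it is imported again.
    (Get-FileHash -Path $Path -Algorithm SHA256).Hash
}

function Restore-KeyBackup {           # hypothetical helper name
    param([string]$Path, [string]$ExpectedHash)
    $actual = (Get-FileHash -Path $Path -Algorithm SHA256).Hash
    if ($actual -ne $ExpectedHash) {
        throw "Backup file changed since export; refusing to import $Path"
    }
    # Import merges: saved values are rewritten, but values created after the
    # export are not deleted.
    reg.exe import $Path
    if ($LASTEXITCODE -ne 0) { throw "reg import failed for $Path" }
}

if (-not (Test-Path $PsKey)) { throw "Key not found: $Key" }
$backup = Join-Path ([Environment]::GetFolderPath('Desktop')) 'notepad-default-fonts.reg'

# 1. Back up the key and remember the hash of the backup file.
$hash = Export-KeyBackup -RegKey $Key -Path $backup
"Before : " + (Get-ItemProperty -Path $PsKey -Name lfFaceName).lfFaceName

# 2. Make the change shown in the video.
Set-ItemProperty -Path $PsKey -Name lfFaceName -Value 'Courier'
"Changed: " + (Get-ItemProperty -Path $PsKey -Name lfFaceName).lfFaceName

# 3. Restore from the backup only if the file is the one that was saved.
Restore-KeyBackup -Path $backup -ExpectedHash $hash
"After  : " + (Get-ItemProperty -Path $PsKey -Name lfFaceName).lfFaceName
```

The hash comparison turns "we personally saved this file, so we can trust it" into a check: a .reg file that was edited or swapped after the export is rejected instead of being merged into the registry.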
If you’ve used the Services utility, you may have started it from the Control Panel by going to Administrative Tools and choosing Services. But you can also start Services from the run line or the command line by typing in services.msc. The Services utility allows you to control the operations of the background services that are running inside of Windows. If you need to enable, disable, or change any of the settings associated with the service, you would do it from the Services utility.
This is also a good utility to see the dependencies that are associated with each service. For example, some services rely on another service to be running before they themselves can start. So you may find that disabling a service may also disable a number of services along with it that have dependencies on that original service.
Let’s look at an example of some of these service dependencies. I’ve started the Services utility in Windows 10. And I’m going to type print, which takes me down to the Print Spooler. And if I double click, I’ll see all of the properties for the Print Spooler service. There’s a tab inside of these Properties for Dependencies. And this will list out two different windows.
The window at the top shows us what services this particular service is dependent on. And the bottom window shows us any services that are dependent on this service. For example, the HTTP service and the Remote Procedure Call, or the RPC service, must be running to have the Print Spooler service running as well. The Fax service relies on the Print Spooler service running, which means that it must also rely on the HTTP service and the Remote Procedure Call service as well.
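The two windows of the Dependencies tab can be reproduced from PowerShell, including the indirect dependencies described above. This is an added example, not part of the original video; the function name `Get-ServiceDependencyTree` and its parameters are hypothetical, while `ServicesDependedOn` and `DependentServices` are properties of the objects that `Get-Service` returns.

```powershell
function Get-ServiceDependencyTree {   # hypothetical helper name
    param(
        [Parameter(Mandatory)]
        $Service,                                   # object returned by Get-Service
        [ValidateSet('DependsOn', 'RequiredBy')]
        [string]$Direction = 'DependsOn',
        [int]$Depth = 0,
        [System.Collections.Generic.HashSet[string]]$Seen
    )
    if ($null -eq $Seen) {
        $Seen = [System.Collections.Generic.HashSet[string]]::new(
            [System.StringComparer]::OrdinalIgnoreCase)
    }
    # A service reachable by more than one path is listed only once.
    if (-not $Seen.Add($Service.Name)) { return }

    [pscustomobject]@{
        Service     = ('  ' * $Depth) + $Service.Name   # indent shows nesting
        DisplayName = $Service.DisplayName
        Status      = $Service.Status
    }

    # Top window: what this service needs. Bottom window: what needs it.
    $next = if ($Direction -eq 'DependsOn') { $Service.ServicesDependedOn }
            else                            { $Service.DependentServices }

    foreach ($child in $next) {
        Get-ServiceDependencyTree -Service $child -Direction $Direction `
            -Depth ($Depth + 1) -Seen $Seen
    }
}

$spooler = Get-Service -Name Spooler

# Services that must be running for the Print Spooler to run.
Get-ServiceDependencyTree -Service $spooler -Direction DependsOn | Format-Table -AutoSize

# Services that stop working if the Print Spooler is disabled.
Get-ServiceDependencyTree -Service $spooler -Direction RequiredBy | Format-Table -AutoSize
```

Running the RequiredBy direction before disabling a service shows what else will be affected by the change.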
If you’re doing a lot of system administration, you may want to build your own management console to have exactly the utilities you’d like inside of it. This is the Microsoft Management Console. And you can start this utility by typing MMC at the command line. This allows you to build out exactly what you’d like. And because of that, it starts as a blank slate. You can use snap-ins to be able to add in the popular utilities that you often use.
For example, you can choose Device Manager, Event Viewer, Local Users and Groups. Choose any one of these many snap-ins, and then add them to customize the MMC console. From there, you can save this MMC console as a standard console type. And when you start that console in the future, you’ll have exactly the utilities you like to use all at a single click on the left-hand menu.
If you’ve worked in a help desk before, then you’re probably familiar with the remote desktop function that allows you to see and interact with the user’s computer that may be located in another room, another building, or another country. For Microsoft devices, this is the remote desktop connection. And the name of this utility is the Microsoft Terminal Services Client. You can start this client from the command line by typing MSTSC. And that will bring up this remote desktop connection window.
From here, you’re able to type in the name of a remote computer. Click Connect, and then you’re able to view and interact with the desktop that’s on that remote device. This is very common for servers that may not have a screen or a keyboard connected to them. You would instead connect to those devices using remote desktop and be able to manage those devices, even though they don’t have a screen or a keyboard directly attached to them.
In this video, we’ve already used the Notepad utility. It’s a text editor that is built into Windows and allows you to very easily view and edit text files. If you want to view Log files or edit some of the information inside of a file, you can use the built-in Notepad utility. You can start Notepad by typing notepad at the command line, and you’ll find that this is available in practically any version of Windows that you use.
If you’re running Windows 7 or Windows 8 and 8.1, you may be using the Windows Explorer. In Windows 10 this has been renamed to the File Explorer. This allows you to view all of the files and folders that are on your computer from this graphical user interface. If you need to launch a utility, change the permissions of a file, or delete information from your drive, you can do all of that from the File Explorer. This also gives you an easy way to access network resources. So you can connect to a network share and then be able to modify or change the files that are located on that remote share.
One challenge when troubleshooting unfamiliar computers is you’re not quite certain exactly what type of hardware or software may be running on that device. One way that you can get a consolidated view of this information is to run the Windows System Information utility, or type msinfo32 at the command line. This will show you a breakdown of hardware components, software environments, and you’ll be able to drill down into all of those to get more details about exactly how this computer is configured. From the Components category, you can view information about the displays or any network information. And then under Software Environments, you can get details about drivers that may be installed or any tasks that might be running on the system.
Here’s msinfo32, or the System Information utility, running in Windows 10. And the System Summary gives this information, such as the operating system details, the BIOS configuration, what different memory might be installed in this computer, and other hardware details. You can also find information under the hardware resources. For example, if you wanted to view the input output addresses for the hardware in the system, you can view it there. There’s also the Components section. So if you wanted to view information on the display, you can get display details right here. And under Software Environment, if you want to view things like what drivers were installed, you can get a detail of exactly how this system is configured with all of its hardware drivers.
DirectX is an API, or an Application Programming Interface, that many developers use to create applications that deal with multimedia or graphics on Windows operating systems. If you’re trying to troubleshoot a problem with one of these applications, you may want to check how DirectX is being used on your local Windows computer. And to be able to do that, you can use the DirectX diagnostics tool or type dxdiag at the command line.
This allows you to view DirectX overviews for the system. You can view how DirectX is used for your display, for your sound, and for the input for this computer. This is a good generic diagnostic tool, not just for DirectX. So if you are having problems with graphics or sound, you may want to run some of the tests available inside of dxdiag.
Here’s the DirectX diagnostic tool running on Windows 10. You can get an overview of your system here. You can view what the display settings are, the sound, and the input, so that you can see if what you’re expecting to see for this computer is really being seen that way by DirectX and therefore being seen that way by the applications that use DirectX.
The files that are saved on a spinning hard drive are often split into multiple pieces and stored in different places on that drive. To be able to read those files again, your hard drive must spin around and collect all of those different pieces from different areas. And that process takes time. In order to make all of those file fragments contiguous, so they’re stored next to each other on the drive, you can run a Defrag from the command line. This is the Windows disk defragmentation. And this will go through the process of picking up all of the pieces of a file and putting them back together again, all in the correct order on that spinning drive.
These read and write delays associated with fragmented files don’t exist on a solid state drive. So if you’re running an SSD in your computer, you will not see a Defrag option available. If you look at the Properties of your drive, you’ll also see an option there to start the defragmentation. It’s called Optimize and defragment drive. And you can simply click the Optimize button to begin the process.
Running the defragmentation at the command line requires that you have elevated permissions. So make sure you run as administrator when you start that CMD session. To start the defragmentation, you would type defrag and then specify the drive letter, for example, C: to begin defragmenting the C drive.
When you start the defragmentation process, it will perform an analysis of the drive and tell you if it does need optimization. In newer versions of Windows, this is automatically scheduled to be performed every week. So you may find that the defragmentation process is not something you need to perform manually.
At the command line, defrag C: will show you information about the drive. It will tell you if there is fragmented space. And then you can choose to continue with the process of the defragmentation. Once it’s done, it will say the operation is completed successfully. It gives you an overview of the volume and the free space. And now, of course, you can see that the total fragmentation is 0%.
If you ever need to take the configuration of your computer and go back in time to a previous configuration that was more stable, then you’ll want to use the System Restore utility. Windows is very good about creating these restore points whenever something happens with the operating system. So if you perform a Windows Update or you install a new application, Windows automatically creates one of these restore points.
You can start the System Restore when your system boots up by pressing F8, choosing the Advanced Boot Options and then choosing Repair. In Windows 7, 8, 8.1 and Windows 10, you’ll find this option under the Control Panel and Recovery. When you’re performing one of these system restores, it takes the entire operating system configuration and reverts it to a previous setting. This does not guarantee that it will remove any malware or viruses that may have infected your system, because that malware is very good at not only infecting your current system but also infecting all of the restore points that may be existing on your system as well. If you’re trying to resolve a problem that is not related to malware, then System Restore is a very good option for taking your computer back to a known good setting that was in the past.
Windows Update is the utility built into Windows 7, Windows 8, 8.1, and Windows 10 that can provide automatic updates for the operating system, drivers, and applications. This can be configured to be completely automatic. So as soon as an update is available, your system will download it and automatically install it.
You can configure Windows to download the files, but perhaps wait for you to install that particular update. Or you could tell the system to check, but not download any of these files, which can be especially useful if you have limited bandwidth. There is also an option in Windows Update to tell your system to never check for updates. But given how frequently security patches are released, that is not something that you probably want to do.
In Windows 10, you have a few additional options available for the update process, including telling Windows when to schedule a restart and when the active hours of your computer might be, so that Windows Update will only take effect when your system is not in use.