Tools for Maintaining & Optimizing Windows

March 31, 2009

For years, techs have accepted as their lot in life the curse of having to use dozens of different command line and GUI tools that simply did not behave in a consistent way. Microsoft addresses this issue in Windows 2000 and XP with the Microsoft Management Console (MMC). The MMC enables Microsoft, and third-party vendors, to create tools that present a consistent face while maintaining a high degree of flexibility.

Another tool that is built into Windows 2000/XP is the Task Manager. The Task Manager enables you to monitor currently running programs and processes, change their priority, and stop them if necessary.

Microsoft Management Console (MMC)
The MMC is simply a shell program that holds individual utilities called snap-ins. You can start the MMC by opening the Run option and typing in MMC to get a blank MMC console. Blank MMC consoles aren’t much to look at. The function of the MMC changes depending on what snap-in is loaded. Many of the tools in the Control Panel’s Administrative Tools folder are simply pre-configured MMCs. Virtually every traditional Windows tool – and a lot of new ones – is now a snap-in. You can easily create custom MMCs with the snap-ins of your choice loaded. Let’s look at how to do that by manually loading one of your most important tools, the Device Manager.

Device Manager
As you know, the Device Manager is one of the most used tools we have (it’s oddly not included with Windows NT). It’s easy enough to get to it the traditional way – by opening the System Properties applet in the Control Panel, clicking the Hardware tab, and then clicking the Device Manager button – but it makes more sense to “cut to the chase” and configure a custom MMC with the Device Manager.

Open up a blank MMC, then in Windows 2000, click Console; in Windows XP, click File. In either O/S, select Add/Remove Snap-in, and then click the Add button to see a list of available snap-ins. After you click Add, choose the computer the snap-in will manage. Select Local Computer to focus on the local system, or browse to always focus the tool on a different computer on your network, and click Finish. After this, close the Add Standalone Snap-in box. The Device Manager will be listed in the Standalone page of the Add/Remove Snap-in box. Click OK to close it, and then click Device Manager under Console Root. Once you’ve added the snap-in you want, just save the console under any name you want (with the extension of .msc). Now, you’re only a double-click away from the Device Manager!

Microsoft also knows that some folks like things the old way, so the company has created a bunch of pre-made, locked consoles for you and dropped them in the same places where you’d expect them to be (if you have previous experience with Windows 9x). You can open the Windows System Utility in Windows 2000/XP, for example, by clicking Start/Programs/Accessories/System Tools/System Information. It’s the good ol’ System Information Utility, but it’s an MMC-style snap-in.

Event Viewer
Another important snap-in is Windows Event Viewer (available in Windows NT, 2000 and XP). Work with Event Viewer for a while and you’ll see that monitoring various log files reveals things about the health of the operating system through the behavior (logged events) of its services and applications. Event Viewer is usually started from the Administrative Tools. In Windows 2000, open the Control Panel, double-click the Administrative Tools icon, and double-click the Event Viewer icon. In Windows XP, open the Control Panel, double-click the Performance and Maintenance icon, then Administrative Tools, then Event Viewer. The Event Viewer will display events from three log files: Application, Security and System.

Types of Events
Event Viewer displays five types of events. The System and Application logs have Error, Warning, and Information events, while the Security log displays Success Audit and Failure Audit events. An Error event is bad news – something’s broken or data has been lost. In the Application log, this can mean an entire application hung up or an operation failed. In the System log, this can mean that a service failed. A service is a special program that provides specific functionality to the O/S. A Warning event is something that isn’t critical, but may mean there is trouble to come. For instance, if disk space is low, a Warning event is logged. An Information event is the only good news, because it means an application, driver, or service successfully completed an operation.

Event Viewer Settings
In Event Viewer, alternate-click System and select Properties. In Properties, look at the Log Size box, which defines the maximum size a log file may grow to, and what action should be taken when the log file reaches the maximum. The defaults are 512 KB and Overwrite Events Older Than 7 Days. You can easily reconfigure these settings, but be aware that large log files take up a lot of space on the hard disk drive. If scrolling through large log files makes you dizzy, you can use Filter settings to make the viewer show only specific selections. Change the filter settings so that when you are viewing a large log file, you can filter out events by type, source, category ID, user, computer, and date. Keep in mind that this controls only what Event Viewer displays: all events will still be logged to the file, so you can change your filter settings without worrying about losing logged data.
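The same settings and a filtered view can be read from a script. This is an added example, not part of the original article; it assumes Windows PowerShell 5.1 (Get-EventLog is not available in PowerShell 7) and an elevated prompt so the Security log is readable.

```powershell
# Added example (not from the original article). Read-only: it changes no
# log setting and clears nothing.
$classicLogs = 'Application', 'Security', 'System'

# 1. Size cap and overflow policy per log. OverwriteOlder with
#    MinimumRetentionDays = 7 is "Overwrite Events Older Than 7 Days".
#    Under that policy a full log discards new events until old ones age out,
#    so a small cap can silently lose recent Security events.
Get-EventLog -List |
    Where-Object { $classicLogs -contains $_.Log } |
    Select-Object Log, MaximumKilobytes, OverflowAction, MinimumRetentionDays,
        @{ Name       = 'AtQuotedDefaults'   # the 512 KB / 7-day values from the text
           Expression = { $_.MaximumKilobytes -eq 512 -and
                          $_.OverflowAction -eq 'OverwriteOlder' -and
                          $_.MinimumRetentionDays -eq 7 } } |
    Format-Table -AutoSize

# 2. Equivalent of the viewer's Filter: Error and Warning events from the
#    last 7 days in the System log, summarised by source. Like the Filter,
#    this only selects what is shown; the log file itself is untouched.
$since  = (Get-Date).AddDays(-7)
$events = Get-EventLog -LogName System -EntryType Error, Warning `
              -After $since -ErrorAction SilentlyContinue

$events |
    Group-Object -Property Source |
    Sort-Object -Property Count -Descending |
    Select-Object -First 10 -Property Count, Name |
    Format-Table -AutoSize

# 3. Most recent Failure Audit events from the Security log.
Get-EventLog -LogName Security -EntryType FailureAudit -Newest 20 `
        -ErrorAction SilentlyContinue |
    Select-Object TimeGenerated, EventID, Source, UserName |
    Format-Table -AutoSize
```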

Clearing, Archiving and Opening a Log File
Clear the System Log by alternate-clicking System Log and selecting Clear All Events. You’ll be prompted to save the System Log. To do so, click the Yes button. You can archive a log file that you want to be able to view later by saving it with a unique filename. To open the file you just saved, click the Action menu, select Open Log File, select the file, then the log type (System, Application, or Security), and then click Open.

Task Manager
The Task Manager is another important utility in the tech’s toolbox. Not an MMC snap-in, but a freestanding utility, the Task Manager enables you to monitor, in real time, your PC’s currently running programs and processes and gauge overall system performance. There are several ways to look at the Task Manager. The following work in Windows NT, 2000 and XP:

Press the CTRL-SHIFT-ESC key combination
Press CTRL-ALT-DEL once
Alternate click on a blank area of the task bar and select Task Manager from the pop-up menu
Select Start | Run and type taskmgr

The Task Manager displays three property sheets: Applications, Processes, and Performance. Windows XP also adds tabs for Networking and Users. At the bottom of the utility window is a summary of the total number of processes running, total CPU usage, and total RAM usage (called Commit Charge in Windows XP).

The Applications property sheet shows all applications currently running on your system, along with their active status (Running, Not Responding, or Stopped). Using the Applications property sheet, you can close an application (End Task), make an application active (Switch To), or start an application (New Task).

Every program or service running on your system is actually one or more discrete processes. The Processes property sheet lists processes and services currently running on the system. There’s a lot you can do from the Processes tab. Look at the Processes tab on your system and compare it to the Applications tab. Notice that there’s a lot of stuff showing in Processes that doesn’t show in Applications. That’s because the Applications tab shows only applications started by the user. It does not show any services or any child processes started by applications or by services. You can end a process in the Processes tab by alternate clicking and selecting End Task from the pop-up menu. The End Process Tree option will close that process and any other processes started by that process. Notepad is a simple program that does not start any other processes, so just click End Process – Windows gives you a warning screen – then click OK.

You can do a lot more than just close processes in the Processes tab. For each process running, you will see a unique Process ID (PID), the amount of CPU time that the process is using, the amount of time the process has been running, and the amount of system memory usage. One of the handiest aspects of the Processes tab is the memory usage. Try starting a few bigger programs – Microsoft Word is a good example – and see how much memory they use.

You can also set the priority for processes in the Processes tab – a very handy way to give more important programs more of the CPU’s time. The priority determines the order in which the threads of a process are scheduled for the CPU. To set a base priority for a process, alternate click the process and select Set Priority from the pop-up menu, then select a base priority for the process to run at. Choices are Real-Time, High, Above Normal, Normal, Below Normal, and Low. Be aware that increasing the base priority of one process may adversely affect other processes running on the system. This is especially so if you assign a process Realtime base priority, which, depending on the application, can cause the system to stop responding.
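To see which processes End Process Tree would reach before using it, the parent/child links can be listed from a script. This is an added example, not part of the original article; the function name Get-ProcessTree is hypothetical, and it assumes Windows PowerShell 3.0 or later for Get-CimInstance.

```powershell
# Added example (not from the original article). Read-only: nothing is ended.
# Get-ProcessTree is a hypothetical helper name chosen for this example.
function Get-ProcessTree {
    param([Parameter(Mandatory = $true)][int]$RootId)

    $all = @(Get-CimInstance -ClassName Win32_Process)

    # Index every process under its recorded parent PID.
    $childrenOf = @{}
    foreach ($proc in $all) {
        $parentId = [int]$proc.ParentProcessId
        if (-not $childrenOf.ContainsKey($parentId)) { $childrenOf[$parentId] = @() }
        $childrenOf[$parentId] += $proc
    }

    $root = $all | Where-Object { $_.ProcessId -eq $RootId } | Select-Object -First 1
    if (-not $root) { throw "No running process has PID $RootId." }

    $seen  = @{}
    $queue = New-Object System.Collections.Queue
    $queue.Enqueue(@{ Process = $root; Depth = 0 })

    while ($queue.Count -gt 0) {
        $item = $queue.Dequeue()
        $proc = $item.Process
        $id   = [int]$proc.ProcessId
        if ($seen.ContainsKey($id)) { continue }   # PID 0 lists itself as parent
        $seen[$id] = $true

        [pscustomobject]@{
            Depth        = $item.Depth
            ProcessId    = $id
            ParentId     = [int]$proc.ParentProcessId
            Name         = $proc.Name
            Priority     = $proc.Priority            # scheduling priority, 0-31
            WorkingSetKB = [int64]($proc.WorkingSetSize / 1KB)
        }

        foreach ($child in @($childrenOf[$id])) {
            # PIDs are reused. A process created before its recorded parent
            # belonged to an earlier owner of that PID, so it is not a child.
            if ($child -and $child.CreationDate -ge $proc.CreationDate) {
                $queue.Enqueue(@{ Process = $child; Depth = $item.Depth + 1 })
            }
        }
    }
}

# Example call: the tree under the current PowerShell session.
Get-ProcessTree -RootId $PID | Format-Table -AutoSize
```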

The Performance property sheet gives you a graphical overview of the system’s CPU and memory usage. You can see real-time graphs of CPU and memory usage and the total number of handles, threads and other processes.

Handles are values assigned to open resources such as files or Registry keys. Threads are discrete chunks of processes. Just as a program is made of processes, a process is made of threads.

The Performance tab gives some very nice details on memory usage, particularly the physical, commit charge, and kernel memory statistics.

Physical memory is the actual RAM on your system. The Performance tab shows the total amount of RAM, the amount available, and the amount used for the system cache (the system cache is basically just the disk cache).

Commit Charge memory is the amount of memory that is actually being used. The Limit is the total amount of both physical and virtual memory, and the Peak is the most you have used recently.

Kernel Memory statistics show the memory used by the core Windows files. This one is probably the least useful.

Available only on Windows XP, the Networking tab shows the State, Link, Speed and Percentage of Network Utilization for NICs installed on the system. Aside from providing a pretty graph, the Networking tab doesn’t enable you to perform any real technical tasks on your NIC or network connection.

The Users tab shows names and session status of users configured to access the PC. You can use this tab to disconnect users currently logged onto the system, or send messages to users on other systems in the same workgroup. The Users tab is available on Windows XP PCs that belong to a workgroup (no domain) and have Fast User Switching enabled.
