Windows Administrative Tools & Utilities
Key Takeaways
- Task Manager (Ctrl+Shift+Esc) shows running processes, CPU/RAM/disk/network usage, startup programs, services, and user sessions — it is the first tool for diagnosing performance issues.
- Microsoft Management Console (MMC) hosts snap-ins like Device Manager, Disk Management, Event Viewer, Computer Management, Local Users and Groups, and Group Policy Editor.
- Event Viewer (eventvwr.msc) logs system events in Application, System, Security, and Setup categories — use it to diagnose crashes, errors, and security events.
- Disk Management (diskmgmt.msc) allows creating, deleting, formatting, and resizing partitions, initializing new disks, changing drive letters, and converting between MBR and GPT.
- System Configuration (msconfig) controls boot options, service startup, startup programs, and is used for clean boot troubleshooting to isolate problematic services or drivers.
Last updated: March 2026
Windows Administrative Tools & Utilities
Task Manager (Ctrl+Shift+Esc or Ctrl+Alt+Del)
| Tab | Function |
|---|---|
| Processes | Shows all running applications and background processes with CPU, RAM, disk, and network usage |
| Performance | Real-time graphs for CPU, memory, disk, network, and GPU utilization |
| App History | Resource usage history for UWP/Store apps |
| Startup | Lists programs that run at startup with their impact rating (High/Medium/Low) |
| Users | Shows logged-in users and their resource consumption |
| Details | Detailed process list with PID, status, CPU, and memory |
| Services | Lists all Windows services and their status (running/stopped) |
Exam Use Case: If a computer is running slowly, open Task Manager to identify which process is consuming excessive CPU, RAM, or disk resources.
Key MMC Snap-ins
Device Manager (devmgmt.msc)
- View and manage all hardware devices and their drivers
- Yellow triangle (!) — Driver issue or conflict
- Red X — Device is disabled
- Down arrow — Device is disabled by user
- Actions: Update driver, roll back driver, uninstall device, disable device, scan for hardware changes
Disk Management (diskmgmt.msc)
| Action | Description |
|---|---|
| Initialize Disk | Prepare new disk for use (choose MBR or GPT) |
| Create Partition | Create new primary, extended, or logical partition |
| Format | Apply file system (NTFS, FAT32, exFAT) |
| Extend Volume | Increase partition size (requires adjacent unallocated space) |
| Shrink Volume | Decrease partition size to create unallocated space |
| Change Drive Letter | Reassign drive letter |
| Convert to Dynamic | Convert basic disk to dynamic (enables advanced features like spanning, striping) |
MBR vs. GPT:
| Feature | MBR (Master Boot Record) | GPT (GUID Partition Table) |
|---|---|---|
| Max Partitions | 4 primary (or 3 primary + 1 extended) | 128 partitions |
| Max Disk Size | 2.2 TB | 9.4 ZB (virtually unlimited) |
| Boot Mode | Legacy BIOS | UEFI |
| Redundancy | Single partition table | Backup partition table (header + backup) |
| Modern Standard | No | Yes — required for Windows 11 |
Event Viewer (eventvwr.msc)
| Log | Contents |
|---|---|
| Application | Events from installed applications and programs |
| System | Events from Windows system components, drivers, services |
| Security | Login/logout events, resource access, policy changes (audit events) |
| Setup | Events related to Windows installation and updates |
Event Levels:
- Information (blue i) — Normal operation, no action needed
- Warning (yellow triangle) — Potential problem, may need attention
- Error (red circle) — Significant problem, something failed
- Critical (red X) — Severe failure requiring immediate attention
Other Important MMC Snap-ins
| Snap-in | Launch Command | Purpose |
|---|---|---|
| Computer Management | compmgmt.msc | Combined view of Device Manager, Disk Management, Users, Event Viewer |
| Local Users and Groups | lusrmgr.msc | Manage user accounts and group memberships (Pro only) |
| Group Policy Editor | gpedit.msc | Configure local and domain policies (Pro/Enterprise only) |
| Certificate Manager | certmgr.msc | Manage digital certificates |
| Performance Monitor | perfmon.msc | Detailed performance monitoring and logging |
| Task Scheduler | taskschd.msc | Schedule automated tasks |
| System Information | msinfo32 | Detailed hardware and software system information |
| Resource Monitor | resmon | Real-time resource monitoring (CPU, disk, network, memory per process) |
System Configuration (msconfig)
| Tab | Purpose |
|---|---|
| General | Startup selection: Normal, Diagnostic, or Selective |
| Boot | Boot options: Safe boot, timeout, default OS |
| Services | Enable/disable services (use "Hide all Microsoft services" for clean boot) |
| Startup | Links to Task Manager startup tab (Windows 10/11) |
| Tools | Quick launch shortcuts to other admin tools |
Clean Boot Process (Isolating Problems)
- Open msconfig
- Go to Services tab → Check "Hide all Microsoft services" → Click "Disable all"
- Go to Startup tab → Open Task Manager → Disable all startup items
- Restart the computer
- If the problem disappears, re-enable services/startup items in groups to find the culprit
Registry Editor (regedit)
The Windows Registry is a hierarchical database of system and application settings:
| Hive | Contents |
|---|---|
| HKEY_LOCAL_MACHINE (HKLM) | Hardware, software, and system settings for all users |
| HKEY_CURRENT_USER (HKCU) | Settings for the currently logged-in user |
| HKEY_USERS (HKU) | Profiles for all user accounts on the system |
| HKEY_CLASSES_ROOT (HKCR) | File associations and COM object registration |
| HKEY_CURRENT_CONFIG (HKCC) | Current hardware profile settings |
Warning: Editing the registry incorrectly can cause Windows to become unbootable. Always back up the registry before making changes (File > Export in regedit).
Test Your Knowledge
A user reports that their computer is running very slowly. Which tool should you open FIRST to identify the cause?
A
B
C
D
Test Your Knowledge
In Device Manager, a device with a yellow triangle icon indicates:
A
B
C
D
Test Your KnowledgeMatching
Match each Windows tool to its launch command:
Match each item on the left with the correct item on the right
1
Device Manager
2
Disk Management
3
Event Viewer
4
Group Policy Editor
Test Your Knowledge
What is the maximum disk size supported by a GPT (GUID Partition Table)?
A
B
C
D