4.6 Windows System Part 3

00:00

All right. Hello And welcome to command line basics in this video, Brannock over. Windows System commands three. I'm Christopher Heller, and this begin

00:08

start learning objectives for this video. We're allowing the f Sutil command understand the S f C command and learned the cheque. Discontent

00:17

Pre assessment. The chest check. This command can be used to potentially repair a hard drive. Is this true or false?

00:25

Answer is a true the check. This command can be used to inspect file sectors of a hard drive and potentially help repair them in order to bring that hard drive back to working state.

00:38

This is something that I used very often as a system administrator, and I was able to help save a lot of files for specific people.

00:47

All right, we're gonna start with the f sutil these air file system utilities. This is a very expansive tool for the Windows command line, and it will allow you to look at NT. If that's quotas, you can see how to repair. You know, specific parts of the file system.

01:02

You can also look at the U. S. N or the uniforms. Sequence number four, the NT F s a Journal

01:07

and with the anti if s journal is is as changes are made to the file system, it keeps a running log of these changes to the disc. That way, the file system can look and make sure that before the system shuts down and makes all these

01:23

validations and the changes toothy file system on the hard drive,

01:29

we can also change the dirty bit as well. Using F S u till now with the dirty *** is is if the's systems shut off in a non graceful manner where the power it was just pulled completely or something crazy went on and got a blue screen,

01:45

then the dirty bit would be set on the anti if s system. And this says, Hey, the system did not shut down properly last time, so you may need to check it in order for it to work.

01:56

So let's pull up my command prompt

02:00

and let's take a look at f sutil

02:01

slash question Mark.

02:05

It looks like that is not a valid parameter. So it looks like we have a whole bunch of different information that we can do.

02:12

We could look a quota repair. He was sent in volume management. So a lot of useful information. And this is definitely more of a system administrator tool than a pen testing tool

02:24

was that s f c. It's his system filed. Check now, What this does is it searches the protected system files for Windows, the operating system files, and it can help recover any files that are corrupted or not working properly.

02:39

This is very useful. If you're operating system is not working properly, we can use the S S C. It'll run through all of these protected system files and search for any that either don't have the correct hash or aren't healthy in that kind of Windows aspect.

02:57

And I'll help replace them and hopefully working a little better.

03:00

So this is a very useful command that I highly recommend from the Windows administrators side toe help troubleshoot any issues that you or user may be having.

03:12

We have the check this command, just check it disc,

03:15

and this is a used to validate the actual sectors on the desk instead of looking at the final system. And it does attempt to repair the sector if you ask it to. This is a very useful command to use in the recovery mode of four windows. If the system did not brute properly, we can go into the safe vote.

03:34

You can run the check, this command

03:37

and we can also ask it, Hey, I want you to look through all these sectors, and if you see something that doesn't look right, I want you to try and repair it the best you can. And like I was saying at the beginning of this video, I've used this command a lot to help save data for specific users.

03:53

And these air bigger, more important users for my network, where they had some very important data than I needed to recover. And I was able to use the Check Dis command to properly boot back into their system. We could copy those files and give them back ups. So it's very useful way to kind of hopefully help save the day.

04:13

If you got something crazy going on for a system,

04:16

let's give a quick demonstration of that as well.

04:18

New chick disc slash question mark.

04:23

We have a lot of really good switches for us. It's well where we don't like it either specific volumes or we could look at the file names as well.

04:31

And this is the slash are where a little, uh, locate the bad sectors and then recover readable information so very useful on the slash f fixes the errors on the discus. Well,

04:44

so highly recommend using this. If you're having difficulty with a computer booting properly, this may save you and ah, looking like a real hero to your user.

04:56

All right, suppose assessment Which command is used to validate and repair Windows operating system files? Is it a f Sutil

05:02

be checked disc See Recovery mode or D S S. C.

05:10

The answer is D S F C system file check. The big difference between this and checked is is that the SFC is specifically for the Windows operating system files out for the rest of the desk. So is a very useful command in order to use to help repair a window system that may not be functioning properly.

05:29

The recovery mode is a ah mode out run all of these different commands, but it doesn't necessarily validate and repair this files by themselves. The check this command could work, but it's not the specific purpose. Where has the sea command its whole purpose specifically for the windows. Oh, West Files

05:48

in the f Sutil.

05:49

He's used to kind of look through the final system, but not necessarily help repair it as well as the other two commands.