Operating System Troubleshooting Tools – CompTIA A+ 220-802: 4.6

If you’re troubleshooting the
Windows XP operating system and you just aren’t having any
success in recovering the OS and you’ve tried the last known
good configuration, you’ve tried Safe Mode, you
tried everything you could think of, you might want to go
to the last resort available, which is something called
automated system recovery. Automated system recovery is a
floppy disk that you would build in the Windows backup. If you go to Accessories, System
Tools, and Backup, you can choose that option to create
an automated system recovery floppy disk. Now, this floppy disk
is not bootable. You still need your Windows
installation media. You need a system backup. And you need this
ASR, automated system recovery disk. What is going to happen is
that this process will completely delete everything
on your disk. It will rebuild all of your
partitions and volumes. And it will then prompt you
to restore the data from a previous backup. So this naturally assumes that
you’re going to have one of those backups available. If you don’t have a backup,
there will be no way to restore this. This is something that is going
to be very destructive. You will lose all of the data
on your system when you perform an automated
system recovery. Once you decide that you’re
going to use this automated system recovery process, you
would boot with your Windows installation media and choose
the repair options available. And it will prompt you
for your ASR floppy. And you’ll put that floppy disk
in and it will delete everything on your disk and
rebuild all of those partitions. You want to be sure that you
have a backup because once this is done, the ASR process
will then prompt you to begin the recovery from those
backup disks. So you want to be sure that you have that backup available. The ASR process itself is not
backing up any of your data. Even though you’re going into
the Windows backup program and you’re choosing to create that
ASR disk, there is nothing but a single floppy that describes
how your system is configured. It doesn’t have any of
your data on it. So always think about having
this ASR process in your back pocket. But it’s probably going to be
something that you’re going to wait until the very last
opportunity to ever take advantage of it. In Windows Vista and Windows 7,
we have some other options available to help
us troubleshoot operating system problems. One of these is the System
Recovery Options. You can get to the System
Recovery Options by booting the computer with your Windows
installation media for Windows Vista and Windows 7. One of the challenges you have
of course is that a lot of the computers that you buy
these days don’t have installation media. They don’t include the DVDs
anywhere in the box. And they don’t really give you a
way to create your own DVDs. Fortunately, Windows does give
you a way to create the System Recovery Options
bootable disk. If you go into your Backup and
Restore options in Windows Vista or Windows 7, one of the
options available is to create a system repair disk. This creates a bootable disk
into what’s called a preinstallation environment. And it starts this process
to load the System Recovery Options. This doesn’t change
any of your data. It doesn’t delete anything. It gives you the option to
choose what you would like to do at this point. And then you could choose the
Startup/Repair, a System Restore, an Image Recovery, a
Memory Diagnostic, or go right down to the command prompt. So this gives you
some options. If the operating system is not
working properly on your storage device, you could always
slide in your repair disk, launch the System Recovery
Options and try to troubleshoot directly
from here. If you’ve used these recovery
options before, you may notice that the user interface looks
and feels a lot like Windows. It’s not a full-blown
version of Windows. It’s a minimal version of
Windows called Windows PE. The PE stands for
Preinstallation Environment. If you’ve ever gone through
those recovery options, you have used that PE. The Windows PE is also used
during the setup process for Windows Vista and Windows 7,
where the Windows environment is there, but you don’t have
a normal desktop available. You could build your own Windows
PE for Windows Vista and Windows 7. You can use the Windows
Automated Installation Kit. There’s also one for Windows
8, which is the Windows 8 Assessment and Deployment Kit. There’s also a number of
third-party Windows PE tools that you can download. BartPE is probably one of
the most popular ones. You can download it, burn it
to a DVD ROM, and use that with a lot of pre-installed
tools available that might help you during the
troubleshooting process. If you’ve ever had a malware
infection on your system or you’ve had some corruption to
your hard drive, one of the recommendations you often see
is to run the SFC before you begin using your system again. SFC is a command called
System File Checker. And it performs an integrity
scan of all of your system files. That way it can check to see
if the Windows operating system files are really
the correct ones. If some type of malware was to
replace or damage one of those files, SFC will notice the file
is different and give you options for recovering
and putting the correct file in its place. If your operating system is
starting, but it’s still running into problems, you
can’t quite get a desktop loaded or certain applications
aren’t working properly once your computer starts up, you
might want to perform some diagnoses and start breaking
down where the problem might be. And the msconfig, the Microsoft
System Configuration utility, provides you with a lot
of options for doing that. You can control exactly
what happens during the boot process. You can enable or
disable certain applications from loading. You can also change the way that
your services operate. If you don’t want certain
services loading during that operating system start, you can
modify and change those directly from this view. There’s also a one-click View
where you could choose which tool you would like
to use next. This is a frontend that allows
you to really start customizing how the
system boots up. And if you’re trying to
troubleshoot those nagging start up problems, this may
be exactly the tool you’re looking for. If you’re having performance
problems when you’re accessing files that are on your hard
drive, you may want to consider performing a defragmentation of those files. As files are written to your
hard drive, they can be split into smaller pieces and stored
in very different spots on that drive. This becomes a challenge now
when you need to read that file because you have to go
back to every single place where that file might have been
stored so that you can put it all back together and
be able to use it in your application. The defragmentation process will
take all of those small pieces that are scattered
about and put them all together into a contiguous
view. That way reading the file
is going to be much more efficient because the file is
all contained in one place. To start this defragmentation,
you can look at the properties of your drive and go to the
Tools folder and choose Defragmentation or you can go to
the command line and simply type the defrag command. You can also choose to put this
defragmentation process on a schedule, so you can wait
until 2:00 or 3:00 in the morning, run the
defragmentation. And when you get up, the
defragmentation has already been completed. You can use something like the
Task Scheduler, which you’ll find in the Control Panel under
Administrative Tools. Find the Task Scheduler and you
can configure exactly when you’d like the defragmentation
to run. The Windows operating system
relies heavily on this massive hierarchical database
called the registry. A lot of information about your
applications, your system configuration, the services,
the drivers that you’re running, practically every
little piece of your operating system is stored in
this big database. And there’s some very, very
critical information. If part of that database
becomes incorrect or corrupted, your system may
have problems running an application, booting your
system, using certain pieces of hardware. So your registry obviously
becomes a very important place to go when you’re
troubleshooting your system. And to be able to see what’s
inside of the registry, you’d use a program called regedit,
R-E-G-E-D-I-T, the registry editor. The registry allows you full
and complete access to edit the information that’s inside
of the registry. You can also add keys. You can delete keys from
your registry. And of course, you can back
up the information in your registry and import it
if you’d like to. It’s very common when you’re
making a change inside of the registry that you export out the
section you’re working on. That way if your change causes
a problem, you can simply import the old configuration
right back into the registry. Another important utility that
affects what’s in the registry is the Microsoft Register
Server. This is regsvr32. This is an application that
allows you to register and unregister DLLs from the
operating system. And if you’re troubleshooting
an application problem, it might have something relating to
some of the libraries, the dynamic link libraries, that
are used in Windows. This effectively does a registry
update that tells the Windows operating system where
this DLL is and what version it is and other information that
the application needs to be able to use that dynamic
link library. In the Windows operating system,
there are a lot of different things happening
all simultaneously. They can be difficult to discern
exactly what’s going on with the operating system
just by watching things on your screen. That’s why we have
the Event Viewer. The Event Viewer is a place
where we can see everything that might be happening
on your system. And its’ separated out
into different areas. For instance, you can see
Application and Security and Setup and System, along with
other events that you can then filter out from there. If you’re trying to troubleshoot
what might be happening on startup, maybe
there’s a blue screen of death that’s giving a problem, maybe
you’ve having a driver that isn’t loading properly, you
may be able to find information inside of
the Event Viewer. You can also parse out this
information based on how critical the problem is. So you could see information
errors, warning, error, critical, successful audits,
failure audits. And you can filter out
and view exactly the way you’d like to. The Event Viewer is also
keeping all of this information stored over a very
long period of time. So if somebody has been
complaining about a problem that occurred two weeks ago,
you can rewind the Event Viewer, look back in time, and
see in the log what occurred when that user was having
that problem. A number of operating system
troubleshooting tools are available before you even start
the operating system. If you press F8 while your
operating system is loading, you’ll get the advanced
boot options menu. And you can see a lot of
different options are available here. If you wanted to run things in
Safe Mode, you wanted to run the Windows Recovery Console,
if you wanted to go back to last known good configuration,
you can do all of this before your Windows operating
system even starts. This is also the place
you’d go to store things like Safe Mode. Once you hit F8 and choose those
advanced boot options, you can start in Safe Mode,
which is only going to give you just the necessary drivers
to get Windows running. Sometimes you’d like a few
extra drivers loaded. Maybe you’d like to also enable
the networking drivers as well, along with what would
normally occur during the Safe Mode boot. Or maybe you start Windows in
Safe Mode, but you don’t boot the desktop. You go straight to a command
prompt, instead of going to the graphical display. There’s also a mode called Low
Resolution Mode or VGA mode. This is going to start your
Windows, but it’s not going to use the standard video driver
that’s usually loading with your system. That way if you’ve made a
mistake with your video configuration, you can start
your Windows into this Low Resolution Mode, modify the
video settings, and then reboot into the proper
resolution. One of the more powerful
operating system troubleshooting tools
you have available is the command prompt. And you can get to the command
prompt without even starting your operating system. In Windows XP, you can start
from the Windows installation media. In Windows Vista and Windows 7,
you go to System Recovery Options and Command Prompt. You would do with your Windows
installation media or your recovery disk to be
able to do that. I have an entire video on how
to use that command prompt. Look for using the
Windows Recovery Console and Command Prompt. This is a very, very
powerful feature. You only want to go into the
command prompt and begin modifying the operating system
if you know exactly what you’re doing. You don’t want to go into that
command prompt, change some files, delete some files, and
then realize that you can’t recover from that problem. This is something that gives you
complete control though. You can move files around. You can replace operating
system files because the operating system hasn’t
booted yet. You can turn on services. You can disable services. If you need to build another
Master Boot Record on your drive or the boot sector that’s
in a partition, you can also do that from this
command prompt. And you can also change the
drive configuration itself. If you wanted to repartition
and reformat entire drives, you can do all of that from
this command prompt. So as you can see you have a lot
of options available for troubleshooting your
operating system. Hopefully, some of these tools
will help you when you run into a problem and get your
operating system back up and running quickly.

Bernard Jenkins

Leave a Reply

Your email address will not be published. Required fields are marked *