CompTIA A+ Exam 220-902 sub-objective 4.1 – Given a scenario, troubleshoot PC operating system problems with appropriate tools

Part 2 of 2 – Covers “Tools” – Click here for Part 1

Back to the main 902 ExamNotes page

Detailed (and official) description of CompTIA A+ sub-objective 4.1

4.1 Given a scenario, troubleshoot PC operating system problems with appropriate tools.
Common symptoms
Proprietary crash screens (BSOD/pin wheel)
Failure to boot
Improper shutdown
Spontaneous shutdown/restart
Device fails to start/detected
Missing dll message
Services fails to start
Compatibility error
Slow system performance
Boots to safe mode
File fails to open
Missing NTLDR
Missing Boot.ini
Missing operating system
Missing Graphical Interface
Missing GRUB/LILO
Kernel panic
Graphical Interface fails to load
Multiple Monitor misalignment/orientation

Tools
BIOS/UEFI
SFC
Logs
Recovery console
Repair disks
Pre-installation environments
MSCONFIG
DEFRAG
REGSRV32
REGEDIT
Event viewer
Safe mode
Command prompt
Emergency repair disk
Automated system recovery
Uninstall/reinstall/repair

Welcome to Exam Notes by CertBlaster! Well you have made it to CompTIA Main Domain 4 and you are well on your way to finishing up the list of A+ 220-902 objectives. Sub-objective 4.1 covers problems with a PC operating system, the symptoms that will present themselves and the tools you have to identify and fix any problems you encounter. This sub-objective is so large that we are presenting it as a Part 1 and Part 2. In this Part 2 we are covering all the items under “Tools” (in Part 1 we covered all the items falling under “Common Systems”). Here we go!

Tools

BIOS/UEFI

The System BIOS and UEFI fundamentally control many of the same functions with UEFI having considerably more capabilities. UEFI loads as an extension within BIOS allowing backwards compatibility in addition to other advancements. With that said it is important to note that not all operating systems can take advantage of the new features For example Windows 7 cannot utilize all of the newer features in which case the UEFI must be set to compatibility mode. If you have a BIOS based motherboard you cannot upgrade it to UEFI. The advantages of UEFI may be sufficient to warrant an upgrade. Your initial impression is visually dramatic. Before you even get to the settings you will notice the highly updated graphical environment. Gone is the stark 16-bit menu driven text based interface. The UEFI can function at 32 or 64-bits. It’s new look is not purely cosmetic.

The 32 and 64 bit capability means that it can support significantly more NVRAM for the program itself! The BIOS system had a 1MB limit on the size of the interface.  Now to the operating system, although this is OS dependent it is still noteworthy. Once the operating system initiated then a 32 bit(x86) Windows 8.1 OS supports up to 4GB of RAM and the 64 bit 8.1 Professional and Enterprise Editions of the OS support 512GB. The limit here is how many memory modules the motherboard supports and what capacity can each slot handle. When discussing disk storage UEFI blows the ceiling off of the legacy storage limitations shifting the limit back to your wallet. Here very importantly you need to understand the storage configuration to be implemented. Traditionally you were limited to MBR based disk storage. This translates to a maximum disk size of 2.2TB this is important because this BIOS limitation makes any sector addresses on the disk to be inaccessible. This same limitation restricts the bootable disk size. This has been overcome in part by using the GPT file system. GPT (GUID Partitioning System) allows for disk sizes of 16EB (Exabytes). Again any disk larger than 2TB is non-bootable under the BIOS limitation. This can cause problems when managing disks. Only UEFI disks can support the larger capacity drives. Also do not try to partition a GPT drive with older MBR based tools Regardless of any partitions on the GPT disk MBR tools will treat it as a single partition creating dire consequences for your data. There are protections, but it’s best to do all of your research before doing anything between the two partition types.

SFC

Microsoft System File Checker (SFC.exe) is a very useful tool when resolving system issues. The utility scans the file system for missing or corrupt system files SFC is run from an Administrative Command prompt and is most effective in Safe Mode. The Safe Mode option is recommended since the files being checked are system files and will be in use and otherwise protected by the OS. The command to execute the utility is sfc /scannow. This will take some time to complete. Here is the result of a scan reporting the Windows Resource Protection with no integrity violations.

Screenshot of Completed SFC Scan
Completed SFC Scan

Logs

System and application logs can be quite useful when troubleshooting system behavior. Assuming you can interpret the output a good log file can bring you right to your issue. A prime example would be the Event Viewer. This utility records every relevant incident on your PC, good or bad. Most utilities provide the capability to view the contents of the log file. In cases where they are accessed separately they will usually be contained in the same folder with the utility stored as a .log file. Below we see a small portion of the reporting available in the Event Viewer which include these event level types, Critical, Error, Warning, Information and Audit Success/Failure. The screen below shows the information about an Error. The Details tab includes information that can be used by administrators and programmers to further identify the issue.

Popup showing Event Viewer Log
Event Viewer Log

Recovery console

The Windows Recovery Console is a diagnostic utility implemented with Windows XP and executed at boot either from the installation media or from the hard drive if it was installed. When present on the hard drive it will be listed as a boot option. When executed it displays similarly to a Command Prompt except it is more powerful because it is run pre-boot enabling it to act on otherwise protected files.

The Startup

After POST everything that happens is OS dependent. In the event of a serious problem you may only have your installation media or any rescue disks you created. The better prepared you are for startup problems the higher the probability of a positive outcome.

Repair disks

PC’s come with the operating system preloaded and each installation prompts you to create restore media on CDs or DVDs. Do this! If your disk crashes you are out of luck. Having repair media will be the difference between having a chance at recovering your data.

Pre-installation environments

This repair approach includes an expanded boot options interface and allows you access protected Windows files to diagnose, repair or replace them. The Windows Pre-installation environment began as an administrative system deployment tool and is a scaled down version of the operating system. This repair tool loads between POST and the OS providing the capability to diagnose startup problems, and launch other diagnostic and repair tools such as Windows RE (Recovery Environment). As the environment evolved it was incorporated into the Windows Automated Installation Kit and subsequently the Windows Assessment and Deployment Kit (ADK). When launched using bootable media the ADK can be used to clone disks before the operating system loads and uses or detects any protected system files. The kit is freely available to download and install or it can be downloaded and run offline without requiring an internet connection.

MSCONFIG

The “go to” utility for manually diagnosing the boot process msconfig.exe provides the ability to selectively configure the system boot parameters as well as controlling the services that load. We reviewed the boot options tab earlier in the “Boots to safe mode” section.  The Services tab displays the available selected services. On first view there appear to be over 150 services selected on this machine. A closer examination shows that many are stopped reducing the overall impact. Unless you are reacting to a specific error it is best to leave the Microsoft services alone. It would be an arduous task so sort through all of these services so the utility is designed to hide the Microsoft services leaving only those installed with programs. We can see the dramatic reduction once we hide those services in the interface. First we see all selected services and then view the result when the Microsoft services are hidden.

screenshot of Full Msconfig Services
Full Msconfig Services View
Screenshot of Hidden Microsoft Services View
Hidden Microsoft Services View

The Startup program configuration was moved to the Task Manager in Windows 8 for easier access. Lastly the tools tab gives you the ability to launch system tools like Windows Troubleshooting, Event Viewer, System Restore and more directly from this interface.

DEFRAG

On magnetic disks files that are accessed are not always saved to their original location. Since files are a collection of disk clusters consisting of 512 byte sectors, a file may end up using different clusters than the original source when it is saved or closed, often with parts of the file in stored in noncontiguous locations. A file that has this condition is referred to as fragmented. This is a common condition and generally does not constitute a problem however over time it can result in reduced performance. The solution is to defragment the drive using the Disk Defragmenter system utility. This will move the files on the drive to the optimal locations in contiguous clusters. The defragmenter can be run regularly as a scheduled task. It can be accessed from the drive property sheet or launched from the command prompt by entering the filename defrag.exe with the target drive letter E.g. Defrag C: will defragment the C: drive. You should not defrag solid state drives because the constant read/write activity will cause premature wear on the storage blocks.

REGSRV32

Regsvr32 is the Windows command line utility for OLE (Object Linking and Embedding) registering and unregistering OLE (Object Linking and Embedding) DLLs and ActiveX (OCX) components in the registry. Most commonly you will use the tool in response to a component based error, during boot or when launching a program. There are a variety of error messages some related to regsvr32 related files being missing. This could be attributed to the nature of DLLs and ActiveX components. These files are typically shared and used by more than one application creating the possibility of deleting the shared object when uninstalling a program. The path of least resistance in a case like this would be to reinstall the program that generated the error. If you find that impractical you will need to resort to manually registering the component from an elevated command prompt. There are two versions of this file on a 64 bit operating system, a 32 bit version and a 64 bit version and they are distinguished only by their location. The 32 bit version is located in the %systemroot%\SysWOW64\ folder and the 64 bit version located in the %systemroot%\System32\ folder.  Be careful entering the path to the regsvr32 file. To register a component use the full path to the correct version regsvr32 file without additional parameters and the full path and filename of the component being registered. Using this command with the /u parameter will unregister the component. Other causes of regsvr32 errors are registry corruption and virus/malware infection. Malware is fond of this file due to its capabilities. Be vigilant if you need to replace this file use a trusted source and scan the file before using it.

REGEDIT

Regedit is the registry editor for Windows. This is a powerful tool and any changes you make in it are saved immediately on closing without the customary safeguard prompts. If you make a mistake correct it on the spot. Once you close the registry editor you live with what you did. It is recommended to make a backup of the registry to fall back on just in case. Two versions of the tool are available Regedit and Regedt32. One last note on this, Microsoft says: “Warning Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by using another method. These problems might require that you reinstall the operating system.” Good information to have before you make any hasty changes.

Event viewer

As discussed earlier in the Logs section the Event Viewer captures errors, warnings and general information regarding the system. Custom Views can be created to isolate specific events for easier viewing. Depending on the age of your installation there can be hundreds of thousands events stored.  It provides information that is valuable to the user as well as the specific details surrounding each entry that help with deeper diagnosis.

Safe mode

Booting a Windows installation into Safe Mode starts the system with the minimum hardware and services needed to run the diagnostic and repair tools like the SFC, chkdsk, Windows Memory Diagnostics and Device Manager to check hardware errors.  The Safe Mode configuration can be launched in the standard mode or with Networking to allow downloading updates, patches and drivers. You can boot Safe Mode to a Command Prompt to run command line utilities.

Command prompt

Most diagnostic and repair tools can be launched from a Command prompt within Windows, by booting to Safe Mode with Command prompt or from the Recovery Environment. It is possible that the GUI cannot be accessed making your knowledge of the actual filenames of the commands that launch these tools crucial. You also need to be familiar with the switches used to modify the behavior of those commands. For example chkdsk run without modification will diagnose the disk but will not repair it without the /r switch.  Research these commands, enter them at a command prompt and use the /? Switch to display the tool’s options. Commit them to memory as they will ultimately save you one day.

Emergency repair disk

An Emergency Repair Disk is your life raft when your system crashes. The repair disks are bootable optical CD-ROMs or DVDs that contain the necessary system data to repair or in the worst case recover your hard drive but Windows 8 added the ability to create a USB Recovery drive. Be advised that there is a considerable difference between repairing a system and recovering it. The repair will have minimum impact on your drive contents while the recovery will return your system to factory settings or the configuration that the disk was created from depending on when it was created.

Automated system recovery

Automated system Restore (ASR) has two components: The automated backup and the automated restore. There is a limitation here that involves your personal content. It will not be backed up and therefore cannot be restored. This should be your last resort in attempting to recover your system should all other options fail.

Uninstall/reinstall/repair

When troubleshooting malfunctioning programs the features of the Control Panel provides the ability to troubleshoot using the program’s repair options. This often resolves the issue. If it does not you will need to uninstall then reinstall the program. Make sure you have access to the installer either online or from a DVD.

Well that’s all for 4.1! Onward and upward. Good luck on the test!

Back to the main 902 ExamNotes page

Part 1 of 2 covers “Common symptoms” Click here for Part 1

 

Leave a Reply

Your email address will not be published. Required fields are marked *

On Facebook

Share This
Real Time Web Analytics