Windows Troubleshooting

Troubleshooting in Windows XP

System Partition Errors

NTLDR missing or corrupt
Can't find NTDETECT.COM Unable to read BOOT.INI

Boot Partition Errors
Usually get an error reading on screen
Solution is to reboot to last know good configuration or use the recovery console and repair the error

F8 Boot Menu

Safe Mode - Troubleshooting tool that loads basic drivers
Safe Mode with networking - Safe mode with basic network support
Safe Mode Command Prompt Only - Safe mode in command prompt
Enable Boot Logging - Option log found in a file called NTBTLOG.TXT Enable VGA Mode - Boots Windows XP with only standard VGA driver
Last Known Good Configuration - Provides a great way to recover from bad installation and restores from previous state
Debugging Mode - Advanced boot logging

Windows Troubleshooting errors

General Protection Fault - When a memory overwrites another memory
Windows Protection Error - When the virtual device drivers did not load during startup
Illegal Operation - You performed an operation that windows did not like
System Lock up - Memory or to many programs are being used
Blue Screen of Death - Hardware, Device drivers and system being overloaded

Registry

The Registry is a database that the operating systems uses to store hardware and software settings centrally in a hierarchical database

To access the registry
Start>Run> REGEDIT

Data in the Registry

NTOSKRNL.EXE
Device Drivers
User Profiles
Setup Programs
Hardware Profiles
NTDETECT.COM
Components that makeup the registry

Subtree (HKEY_LOCAL_MACHINE and HKEY_USERS)
Keys (are analogous to folders and subfolders)
Entries (has three parts: name, data type and value)
Hive (a discrete body of keys, subkeys, and entries)
Data types (REG_DWORD, REG_SZ and so on)

Registry Keys

HKEY_CURRENT_USER - A log file of the current user log on to the computer
HKEY_USERS - A log file of all the users of the computer
HKEY_LOCAL_MACHINE - A log file of all the computer hardware configuration settings ever installed in your machine
HKEY_CLASSES_ROOT - A log file that is used by Windows explorer to properly associate with file association types
HKEY_CURRENT_CONFIG - A log file of the current hardware configuration settings installed in your machine