The troubleshooting process can involve many different tasks and utilities. In this video, you’ll learn about defragmentation, restarting services, rolling back to previous configurations, and much more.
<< Previous Video: Troubleshooting Windows Next: Troubleshooting Security Issues >>
When a computer is saving files to a hard drive, it’s not necessarily saving all pieces of that file in one place. It’s very common for files to be cut into smaller pieces and saved in different places on the drive. This means if we need to access that file later, we need to go to each section of that drive where the pieces of the file are stored and gather all of those details before we can read the entire file.
On a spinning hard drive, that process of gathering all of the pieces of the file takes time. It would be much faster if we could place the file on the drive contiguously, which means that it’s all in order from the first part of the file through the last part of the file. Then you don’t have to search around the drive to gather all of the pieces, since all of those pieces would be located in the same area.
Windows includes a defragmentation utility that can take all of those separate pieces of files and put them into a contiguous area. You’ll find that in the Drive properties under the Defragmentation option. And there’s an option there to Defragment now. You can also start this same process from the command line by typing in defrag. And you may notice in newer versions of Windows that the defragmentation process has already been added to the weekly schedule. You’ll find that under Control Panel, Administrative Tools, and Task Scheduler.
One of the most common troubleshooting tasks that we usually start with is to reboot the computer. But why do we always go through a reboot process when we’re trying to troubleshoot a problem? Sometimes, the problem is associated with bad code. If that bad code happens to be on a router, you have to reset the router to be able to reload that software and get back to a known good state.
This might also be a situation where an application is using too many resources on your computer, or your computer is not sized properly for the application that you’re running. Eventually, the application uses all of the resources on your system. It crashes. And the only way to start things again is to restart your system.
Sometimes, there’s a bug in a piece of software that will cause it to eat away at the resources little by little. A good example of this is a memory leak, which is slowly going to consume all of the available memory in your computer. And then once all the memory is used, your system has to be restarted.
Instead of rebooting the system, sometimes you can find the exact application causing the problem and simply administratively stop that application from executing. You can kill these tasks from Task Manager. You can go to the Processes tab, get a list of all of the different processes running on your computer, and then you can sort them by CPU usage or memory utilization and find the application causing the problem.
Then all you have to do is right mouse click on the task and choose to end that particular task. Although this might not solve your application problems every time, it may save you from having to restart your computer.
Sometimes, our problematic programs are applications that run in the background. In Windows, we call these services. And fortunately, Task Manager has a tab that allows you to see all of the running services on your computer. These services have the same type of problems that an interactive application might have.
They might have a bug that causes a memory leak, or they tend to hang and need to be restarted. Inside of Task Manager, you can right mouse click on the service, choose to stop, restart, or open the services application to find more detail about that particular service.
When you’re troubleshooting a network problem, it’s useful to know the configuration between the device and the switch it’s connected to. You want to be sure that the speed and the duplex match each other on both sides. Most of the time, the end device and the switch are set to auto-negotiate, which means they will both choose the best setting for speed and duplex. And they’ll make sure that they match on both sides.
Unfortunately, auto-negotiate doesn’t always work 100% of the time. There are certain situations with certain chipsets and certain network configurations where auto-configuration may not be 100% reliable. If you look at the configuration settings inside of the driver, you can see that the speeds and duplexes may be set for auto-negotiation. But this view does not tell you what the auto-negotiated value was. For that information, you can look at the network details at the command line or view the information in the Event Viewer.
The key is to have the speed and the duplex match on both sides. If a laptop is configured for one gigabit communication, then it also needs to be set for one gigabit on the switch. And if it’s set for full duplex on the laptop, it also needs to be set to full duplex on the switch. If any of those are mismatched, you’ll have errors and slowdowns in being able to communicate across the network.
Windows is an enormous operating system. There’s many moving parts inside of the operating system. There’s registry settings. There’s library files. There’s executable for the operating system and so much more. When it comes to troubleshooting these problems, it can be difficult to find the root cause of any particular issue. And when you’re in a business environment, every bit of time you’re spending on troubleshooting is taking away from time that you could be using on the business.
For that reason, many organizations will have pre-built images that they know work properly in their environment. And if you run into a problem in Windows that’s difficult to troubleshoot, it can often be much faster to reimage the system than trying to find the root cause of that issue and resolve it. And if you’re on a home computer, you may not have an image that’s been pre-built.
So you can use the built-in capabilities within Windows 8.1 and Windows 10 to perform a reset. You’ll find that under Settings, Update and Security, and Recovery. Inside of the recovery settings, you have the option to reset a PC where you can either keep your files, which removes apps and settings but keeps your personal files, or remove everything and start fresh with a new version of Windows.
If you choose Reset this PC, you’ll have the option to keep my files, which removes your apps and settings, but keeps all of your personal files intact. If you’d like to remove Windows files and your personal files and start fresh, you can choose the option to remove everything.
If you make a change to your Windows configuration, and it creates a problem, it would be a little bit drastic to reemerge the entire system. Instead, you can use the restore point function inside of Windows to go back in time to a previous configuration point. This allows you to move your configuration back to a previous config, but it doesn’t touch any of your personal files on the computer.
The restore point configuration is set in System Properties under System Protection. And in there, you have the option to turn on your protection settings and configure how much space you’d like to use for that system protection. From that point forward, when you make a major change to the configuration of Windows, it creates a restore point.
For example, if you install an application, a restore point is going to be created automatically before that application’s installed. That way, if you run into a problem, you can always revert back to the configuration prior to installing that app.
The same thing applies to device drivers. If a device driver’s installed, a restore point is created. And you can go back in time to restore the previous driver. You can access System Restore from your system properties, or you can press F8 when your system’s booting. Here are the recovery options inside of Windows 7. I pressed F8 when my system was booting and chose to repair this computer. And the system recovery options were presented. And inside of there are the System Restore options.
Many bugs and issues can be resolved in Windows by updating the operating system. And inside of Windows is Windows Update. This is a centralized updating utility that keeps your system files all up to date with the latest releases. You have a lot of flexibility inside of Windows Update to define how updates will be installed.
Will they simply be downloaded, and you’ll install them? Or will they be automatically installed at a certain time? You get to define what your active hours are so that Windows can perform these updates when you’re not in front of your computer. And you can tell Windows not to download files over slow network links, or network links with metered connections.
Although Windows Update will keep Windows patched, you also have to be sure to keep all of your applications updated. And most applications have their own system for updating the app. You may have to manually download updates from the manufacturer’s website, or there may be some built-in process inside of the application itself.
Sometimes, making one single change in a configuration file or removing a file from a computer can break an entire application. And instead of having to uninstall and reinstall the entire app, some applications will give you the option to repair the application. This may fix corrupted files, or replace files that are missing.
It may fix registry entries and resolve any other issues that might cause this application not to work properly. Not every application has a repair function unfortunately. But if one is available for your app, it can save you a lot of time when you’re trying to resolve application issues.
We commonly boot from the primary storage drive of our system. But sometimes, we may want to boot from a DVD-ROM, or from a USB drive. And you may plug in the USB drive, boot your system, but still find that it boots from the primary storage drive inside of your computer. The BIOS inside of your computer will determine what drives are used during the boot process. And if your USB drive isn’t listed, or it’s listed below your primary drive, then it will never boot from that USB device.
If you look at the configuration settings of your BIOS, you’ll be able to find the boot section. And it will show you what devices are used to boot from and in what order. On this computer, for example, we try booting from the CD-ROM drive. Then we try any removable devices, and then finally the hard drive.
If you’re having problems booting from something other than the normal storage drive, then it’s probably one of these configurations inside of your BIOS. Fortunately, it’s very easy to find and easy to change. And you’ll be able to boot from one of those other drives just by modifying the boot order.
If a problem occurs during the boot process, it may be due to an application that’s starting up automatically, or a service that’s starting up automatically. And it’s difficult to know exactly what that might be because we load many different applications and services during that startup process.
One of the things you could do is to enable or disable certain applications and certain services so that they don’t start during the startup process. You can either disable one at a time, or you can disable all of them and begin adding them back one at a time. This might take a number of restarts until you find the problematic application. But going through it in a very methodical way allows you to narrow down where the problem might be.
If you’re in Windows 7, Windows 8, or Windows 10, you can manage the services inside of Control Panel, Administrative Tools, and Services. From there, you’ll have a list of all of the services loaded on your computer, the process of whether they are running or not, and then you can choose to enable or disable those processes from running during startup. When Windows starts, it’s loading all of the applications and all of the services needed to run your version of Windows.
But if you’re troubleshooting the operating system, you may want to run in a version that doesn’t enable all of these features. We call this Safe Mode. And you would enable Safe Mode from the startup settings inside of Windows 7, Windows 8, or Windows 10. You would normally press F8 during the boot process, and then inside of the advanced boot options, enable the settings to show the startup settings, and then finally enable Safe Mode.
The default for Safe Mode is to start Windows with just the necessary drivers to get running. But you may find that you need network access. So you may want to start Safe Mode with networking, which enables connectivity to the network. If you need a command prompt inside of Safe Mode, there is a separate Safe Mode for that as well. And if your issue is with the display, you can start Safe Mode in VGA mode, which gives you a basic video configuration for Windows.
To get to Safe Mode in Windows 7, we need to get to the advanced boot options. If your Windows 7 starts with a Windows Boot Manager, you would press F8 when that screen appears. If you’re not using the Windows Boot Manager, and you simply boot directly into Windows 7, you can press F8 during the boot process. That will present you with the advanced boot options page, where you can choose Safe Mode, Safe Mode with networking, and Safe Mode with command prompt.
If you press F8 while Windows 8 is loading, you’ll get choose an option with this graphical blue screen. And you can choose the option to troubleshoot. Inside of the Refresh your PC or Reset your PC options, there is an option for Advanced Options. And if you select Advanced Options, you’ll have System Restore, System Image Recovery, Startup Repair, Command Prompt, and the one we would like to start Safe Mode is Startup Settings.
This will tell you that it will restart Windows now and give you the option for Safe Mode. You simply press the restart button. Windows will restart and give you the option for all of those startup settings, which includes Safe Mode, Safe Mode with networking, and Safe Mode with command prompt.
In Windows 8 and Windows 10, you may find pressing F8 during the startup process doesn’t allow you access into the startup options. This is because of an option in Windows called Fast Startup, which does not shut down your system completely, so when you turn it back on, it’s not starting the boot process from the very beginning. This means that you can’t press F8 to stop the boot process because your system is really recovering from a hibernate mode.
If you’re at the Windows desktop, and you would like to restart your system to show those options, you can hold down the Shift key when you’re clicking Restart. You can also choose Settings, Update and Security, Recovery, Advanced Startup, and Restart Now. There’s also an option to enable this configuration in your system configuration utility which is also called MSConfig.
Those options will work if you have access to the Windows desktop. But if you’re troubleshooting a problem with Windows, you may not be able to boot the operating system. In those cases, you could simply interrupt the boot process three times. And after the third time, the boot options page will appear.
The options for starting Safe Mode in Windows 10 are slightly different than those in Windows 8. From the Choose an Option screen, you would choose Troubleshoot. Inside of that Troubleshoot option, you would choose Advanced Options. And at the bottom of the Advanced Options list, it says See More Recovery Options.
If you choose that option, you’ll have the option for Startup Settings, which tells you the system will reboot, which will allow you access to enable Safe Mode. To be able to do that, you simply click Restart. Windows will restart to the Startup Settings page. And from here, you can enable Safe Mode, enable Safe Mode with networking, or enable Safe Mode with command prompt.
Once you start Windows in Safe Mode, you’ll know that you’re in Safe Mode because each corner of the screen will plainly say Safe Mode. And at the top of the screen, you’ll have information on which version and build you’re running of Microsoft Windows. If you work in a Windows domain environment, you may occasionally have to rebuild a Windows profile. Each user has a saved profile on the Windows domain. And that profile can be used to move from computer to computer. And the user settings and files will all move with the user.
If the profile is ever corrupted, or you run into problems, you may find messages appearing on the screen that say the user profile service failed to log on, or the user profile cannot be loaded, or the user may find that their files are no longer listed on their desktop the way they once were. To resolve these problems, you would need to recreate the profile. Unfortunately, there is no easy way to repair a profile. But if you delete the profile the next time the user logs in, a new profile will be created.
For the first step, we have to delete the existing profile from the user’s computer. So we would log into their computer with domain administrator rights. This gives us permission to rename the existing user folder. You’ll find the user’s directory with all of their files under the slash user’s folder. If you rename this, you’re able to recover those files later and move them over to the new profile.
The next step is to back up the user’s profile settings in the Windows Registry. You’ll find them in regedit under HKEY Local Machine, Software, Microsoft, WindowsNT, CurrentVersion, and ProfileList. If you right mouse click on the profile list, you can export that hive to your desktop so that you’re able to recover it later if you run into problems.
Now that you have a backup, you can delete the registry settings for the user that has the corrupted profile. With those registry entries deleted, the next time the user logs in, the profile will be recreated. After that registry has been deleted, you can restart the computer.
You can now log onto the computer with the user’s standard domain login. And because the registry is no longer on that computer, it will be rebuilt after the user logs in. It will also recreate the user’s username folder, even though there will be none of the user’s files in that particular folder.
Once the profile is recreated, and the user’s desktop appears, you can log out of the user account and log back in as the domain admin. From there, you can take all of the files from the backup user folder and move them into the newly recreated profile folder for this user.
A good best practice is to only move over the user’s documents and files for that individual user and not every single file that happens to be in that user folder. That way, you can avoid copying over any files that may have been corrupted, or may have caused this problem to begin with.
Now that you’ve finished restoring the user’s files, you can log out as the domain administrator. And the user can log into their workstation. When they log in, all of their files and documents will be waiting all within their rebuilt user profile.