Wednesday, January 2, 2008

OS: Recovery Console In Action

Excellent examples (with screenshots) of typical Recovery Console command you would use to bring Windows back up after a failure to boot successfully.
You have NO Access to any other directory !

You can copy files FROM Floppy disk to the directories on disk, to which you have access.
You can NOT copy files from disk to Floppy Disk !
Recovering from Bootup problems :
When the system displays on booting a message of "missing" NTLDR or NTDETECT,
you can copy these files via Recovery Console from the CD-ROM :
make sure to be on the root of the C:-drive (please make : CD \ ).
In my example, the CD-ROM drive is Drive D: , allowing to make a copy of the files
NTLDR and NTDETECT.COM from the i386-directory to the C:\ - root directory.


If there is a problem with the Boot-sector on the C:-drive, you can use "fixboot" to write
a new boot-sector.
If there is a problem with the Master-Boot-Record of the disk (maybe damaged by a virus),
you can use "fixmbr" to write a new MBR :
 blog it
Posted by at

Saturday, December 22, 2007

Operating Systems: Investigating Corrupt Drivers

You suspect that some driver on your Windows XP system is the source of the system crashing and locking up.
How can you verify that all drivers on the system have not been changed?
1. Run DiskProbe.
2. Run the DMDIAG.EXE program from the Run dialog box.
3. Run ASR.
4. >>Run the SIGVERIF.EXE program from the Run dialog box.

Explanation : Windows 2000 and Windows XP support the verification of digital signatures assigned to device drivers. If you suspect a problem with a driver, run SIGVERIF.EXE to scan for drivers that are not digitally signed. To use the utility, enter the command in the Run dialog box.
A digital signature is an electronic signature that can be used to authenticate the identity of the sender of a message or the signer of a document, and possibly to ensure that the original content of the message or document that has been sent is unchanged. Digital signatures are easily transportable, cannot be imitated by someone else, and can be automatically time-stamped. The ability to ensure that the original signed message arrived means that the sender cannot easily repudiate it later.
A digital signature can be used with any kind of message, whether it is encrypted or not, simply so that the receiver can be sure of the sender's identity and that the message arrived intact. A digital certificate contains the digital signature of the certificate-issuing authority so that anyone can verify that the certificate is real.

If changes to the operating system cause instability or startup problems, you can use the Automated System Recovery (ASR) tool to restore the system state and all files stored on the system volume. ASR is a last resort option to use after you have unsuccessfully tried other recovery methods, such as rolling back drivers, restoring from backups, performing parallel installations, and using System Restore. ASR restores system state files and settings and restores your ability to start the system. For example, hard disk corruption might prevent you from starting Windows XP, and the damage might be serious enough to prevent you from using Safe Mode, Recovery Console, or the Last Known Good Configuration. ASR will restore the Windows XP files that originally were installed from CD-ROM and may place incompatible file versions on the hard drive if files from service packs had been installed after original installation.

DiskProbe is a sector editor tool for Windows XP Professional that allows administrators to directly edit, save, and copy data on a physical hard disk. With DiskProbe, you can replace the Master Boot Record, repair damaged partition table information, and repair or replace damaged boot sectors.

DMDIAG is a command line tool that displays the location and layout of dynamic disks and disk volumes.
Objective: Operating Systems
Posted by at
Labels: , , , , ,

Operating Systems: Performance Issues and Paging Files

A user's computer has two hard disks. The operating system and all applications are installed on the first hard disk. The second hard disk is used only to store backups of critical files. The computer is running Windows XP Professional.
The user reports that the system is slow when accessing certain applications. You launch the application and discover that there is a lot of disk access when running certain tasks. You use Task Manager and notice that the application is using a lot of memory.
What can you do to optimize performance? (Select TWO.)
1. >>Move the paging file to the second hard disk.
2. Configure the hard disks in a striped (RAID 0) volume.
3. Reinstall the operating system on the second hard disk.
4. Move the user's My Documents folder to the second hard disk.
5. >>Add more RAM to the computer.

Explanation : One way to resolve the problem is to move the paging file to the second hard disk. The paging file is used to swap data in and out of physical Random Access Memory (RAM). When performance is poor and there is a lot of disk access, the most likely problem is memory. You can either add more RAM or optimize the paging file. One way to optimize the paging file is to move it to a different hard disk than the one where the operating system is installed.
If the budget allows, you can also resolve the problem by increasing physical RAM. Doing so will cause the computer to rely less on the paging file.
Reinstalling the operating system on the second hard disk will not resolve the problem. The paging file is created on the same hard disk as the one where the operating system is installed by default.
You cannot configure the hard disks in a striped volume. The system and boot partitions must be located on a simple volume. They cannot be located on a striped volume.
Moving the user's My Documents folder to the second hard disk will not resolve the problem. The problem is caused by memory consumption. Moving the My Documents folder to the second hard disk might improve file access times for documents in the My Documents folder, but it will not resolve the problem the user is having.
Objective:
Posted by at
Labels: , , ,

Components: Antistatic Wrist Strap

What safety feature is incorporated into an antistatic wrist strap?
1. >>A resistor in the path to ground
2. An alligator clip for quick disconnection
3. A high-voltage fuse
4. Static-eliminating material in the wrist band
5. A quick-release snap on the ground wire

Explanation : A wrist-grounding strap is necessary when working with PC motherboards, memory modules, and expansion boards. The strap drains away static electric charges that can damage microchips. A proper strap contains a high-value resistor (typically between 1 and 2 Megaohms) embedded in the strap or the coupling to the ground wire. One side of the resistor connects to a contact plate that touches your skin, and the other side connects to a wire lead (usually coiled) that should be connected to a known-good earth ground. The resistor is of high enough value that it acts as a short to ground for any high-voltage static charges that build up, but appears as an open circuit to the lower, current-carrying voltages that can be lethal (recall Current = Voltage / Resistance).
Static-eliminating material in the wristband may reduce static buildup.
A quick-release snap on the ground wire and an alligator clip for easy disconnection are conveniences, but not safety devices.
A high-voltage fuse would not offer protection against lower, current-carrying voltages.
Objective: Personal Computer Components
Posted by at
Labels: , ,

Operating Systems: Moving Boot Logs to another computer

Which boot option can you use to move system boot logs from a failing computer to another computer for evaluation?
1. Recovery Console
2. Debugging Mode
3. Safe Mode with Networking
4. Enable Boot Logging
Explanation : Debugging Mode gives you the opportunity to move system boot logs from the failing computer to another computer for evaluation. To use this mode, you first must connect the failing computer to another computer using a serial cable. You then can review the boot logs on a functioning computer.

Safe Mode with Networking is the same as Safe Mode, but the drivers necessary to access the network are loaded. This is useful if you need to access the network to download replacement drivers.

The Enable Boot Logging option allows the system to boot normally while recording all files loaded during the boot process. The log is recorded in a file named NTBTLOG.TXT. The log will identify which drivers loaded and which failed. This is especially helpful if you have a copy of the NTBTLOG.TXT file that was created before there was a problem. You then could compare them to see what has changed.
The Recovery Console does not start the graphical interface, but it does allow you to access any FAT16, FAT32, and NTFS file systems. The purpose of the Recovery Console is to allow you to repair a damaged registry, system files, or file system on the hard drive.
Objective: Operating Systems
Posted by at
Labels: , , , , ,

Components: Installing SIMM vs DIMMs

Which statement about installing DIMMs is true?
1. You insert the DIMM at a 35-degree angle.
2. You must install DIMMs in matching pairs.
3. You must line up the cutout end of the DIMM with the correct end of the memory socket.
4. >>You push the DIMM straight down into the socket.

Explanation : Dual Inline Memory Modules (DIMMs) differ from the older Single Inline Memory Modules (SIMMs) in a variety of ways. DIMM connectors have different sized sections so you can line them up correctly in the socket. Once you match the sections correctly, you push the DIMM straight down into the socket. When the DIMM is correctly seated, swivel locks on either end snap into place.
SIMMs have a cut-away portion on one edge so you can line them up properly. You insert them at an angle and then raise them into place.
Older 486 and Pentium I systems required SIMMs to be installed in pairs.
Objective: Personal Computer Components
Posted by at
Labels: , , , ,

Operating Systems: Backups II

A customer's computer stores accounting and sales data that is backed up according to the following schedule:
Full backup Sunday night Differential backup Monday-Friday nights
The hard disk fails on Thursday morning.
What must you do to restore the data in the least amount of time?
1. Restore the Sunday backup. Restore the Monday backup. Restore the Tuesday backup. Restore the Wednesday backup.
2. Restore the Wednesday backup.
3. >>Restore the Sunday backup. Restore the Wednesday backup.
4. Restore the Sunday backup.
Explanation : You should restore the Sunday backup, then the Wednesday backup. A differential backup backs up all data that has changed since the last full backup. Therefore, you only need to restore the last full backup and the most recent differential backup.
You cannot restore the data using only the Sunday backup. If you only restore the Sunday backup, all data changed since the Sunday night will be lost.
You cannot restore the data using only the Wednesday backup. You must restore the full backup before you can restore the differential backup.
You do not need to restore the Sunday, Monday, Tuesday, and Wednesday backups. If the weekday backups were incremental backups, you would need to take these steps. However, since they are differential backups, they include all data changed since the last full backup.
Posted by at
Labels: , , ,
Subscribe to: Posts (Atom)