Windows VistaInside Out :Windows VistaInside Out Chapter 24 – Recovering From an Computer Crash Last modified 10-30-07 9 am


Editions :Editions Complete PC Backup and Complete PC Restore Are not available in Home Basic and Home Premium editions All other troubleshooting tools described in this chapter are available in all editions


Recovery Tools :Recovery Tools Advanced Boot Options Press F8 during startup Safe Mode The Windows Recovery Environment (WinRE) Boot from DVD Replaces Windows XP's Recovery Console


Advanced Boot Options :Advanced Boot Options Press F8 during startup Safe Mode Safe Mode with Networking Safe Mode with Command Prompt Enable Boot Logging Enable low-resolution video (640x480) Last Known Good Configuration (advanced) Directory Services Restore Mode Debugging Mode Disable automatic restart on system failure Disable Driver Signature Enforcement Start Windows Normally


Windows Error Recovery :Windows Error Recovery If you shut down and restart with the power switch, you see this screen


Safe Mode :Safe Mode Uses only those services and drivers that are absolutely required to start your system Generic video driver at 800 x 600 resolution USB flash drives, hard disks, keyboard, and mouse will be supported No audio devices No Startup folder programs


Safe Mode :Safe Mode These configuration tools are available Device Manager System Restore Registry Editor Help And Support Online help (if you use Safe Mode with Networking)


Safe Mode :Safe Mode Backup and Restore Center is not available To restore a Complete PC Backup, use the Windows Recovery Environment, not Safe Mode


Other Safe Mode Options :Other Safe Mode Options Safe Mode With Networking Safe Mode plus drivers and services required to start Windows networking Safe Mode With Command Prompt Safe Mode with no graphics Uses Cmd.exe only


Last Known Good Configuration :Last Known Good Configuration Every time Windows starts in normal mode It makes a record of all currently installed drivers and the contents of the registry key HKLM\SYSTEM\CurrentControlSet Last Known Good Configuration (Advanced) restores the previous, working registry key If you just installed a driver that makes the system hang, this is an easy fix System Restore is more reliable


Other Startup Options :Other Startup Options Enable Boot Logging Lists the names and status of all drivers loaded %SystemRoot%\Ntbtlog.txt Enable Low-Resolution Video 640 x 480 Directory Services Restore Mode Ignore it, it only applies to domain controllers


Other Startup Options :Other Startup Options Debugging Mode Kernel debug mode—rarely used Disable Automatic Restart On System Failure Stops an endless cycle of restarting Disable Driver Signature Enforcement Use this option if Windows is refusing to start because of an unsigned driver


Windows Recovery Environment :Windows Recovery Environment Boot from Vista DVD Select Language to Install, Time And Currency Format, and Keyboard Or Input Method, click Next Click "Repair your computer" instead of "Install now"


Windows Recovery Environment :Windows Recovery Environment Select correct operating system and click Next


Windows Recovery Environment :Windows Recovery Environment


Windows Recovery Environment :Windows Recovery Environment If you don't have a Vista DVD, the Recovery Environment should be on a hard disk "recovery" volume There should be a startup option to use it


Startup Repair :Startup Repair Easy and automatic Fixes boot files, including BCD (Boot Configuration Data) store


System Restore :System Restore Runs as usual, but cannot create a restore point first So there's no way to undo a System Restore made from Windows Recovery Environment


Restoring an Image Backup With Complete PC Restore :Restoring an Image Backup With Complete PC Restore You must have previously used Complete PC Backup to create an image backup of your system disk Formats your disk and completely replaces it with the backup copy You will lose recent documents on the System disk Copy them to a USB drive with the Command Prompt first


Complete PC Restore from CDs or DVDs :Complete PC Restore from CDs or DVDs Insert the last disc in the backup set before you click Windows Complete PC Restore. If you insert the first (or any other) in a set of CDs or DVDs, the program will not find it.


Windows Memory Diagnostic Tool :Windows Memory Diagnostic Tool Checks your RAM You can also run it with Vista running Shows results at next restart


Working at the Command Prompt :Working at the Command Prompt The Command Prompt option Puts you in X:\Sources (a RAM drive) You can run all commands, including DISKPART to manage disk partitions Networking is not available unless you run the WPEINIT command You run with the System account So anyone who can boot from DVD can completely control your computer Unless you use encryption


Windows VistaInside Out :Windows VistaInside Out Chapter 25 – Managing Services


Editions :Editions All other tools described in this chapter are available in all editions


Services :Services A service is a specialized program that performs a function to support other programs Many services operate at a very low level Interacting directly with hardware Need to run even when no user is logged on Run with the System account (which has elevated privileges)


Using the Services Console :Using the Services Console A MMC snap-in In Computer Management Or SERVICES.MSC at a command prompt


Actions on Services :Actions on Services Start, stop, pause, resume, or restart Pausing and resuming is less drastic than stopping and restarting May avoid cancelling jobs in process Essential services start automatically Some others must be manually started or stopped Usually because of an error


Service General Properties :Service General Properties Startup Types Automatic (Delayed Start) Starts shortly after the computer starts Automatic Starts when the computer starts


Service General Properties :Service General Properties Startup Types Manual Doesn't start automatically at startup, starts when needed Disabled Can't be started


Service Log On Properties :Service Log On Properties The logon account must have the "Log On As A Service" right Local Security Policy Security Settings Local Policies User Rights Assignment


Service Recovery Properties :Service Recovery Properties When it fails Take No Action Restart The Service Run A Program Restart The Computer


Dependencies :Dependencies If you attempt to start a service that depends on other services, Windows first starts the others If you stop a service upon which others are dependent, Windows also stops those services


Determining the Name of a Service :Determining the Name of a Service Each service has three names Service name Used in command-line and Registry Display name Appears in the Services console Executable file name Many are Svchost.exe


Managing Services from a Command Prompt :Managing Services from a Command Prompt


Managing Services from Task Manager :Managing Services from Task Manager New in Vista


Windows VistaInside Out :Windows VistaInside Out Chapter 26 – Editing the Registry


Editions :Editions The structure of the registry is identical in all editions of Windows Vista Registry Editor works exactly the same way in all editions Group Policy is not available in the Home Editions (Home Basic and Home Premium)


Editing the Registry is Dangerous :Editing the Registry is Dangerous A bad manual change can crash your system Normally you use Control Panel to update the registry to avoid such disasters


Understanding the Structure of the Registry :Understanding the Structure of the Registry The registry consists of five root keys HKey_Classes_Root HKey_Current_User HKey_Local_Machine HKey_Users HKey_Current_Config Or HKCR, HKCU,HKLM, HKU, and HKCC


Subkeys :Subkeys Root keys (sometimes called predefined keys), contain subkeys Subkeys look like folders in Regedit HKCU has these top-level subkeys: AppEvents, Console, Control Panel, … A root key and its subkeys form a path HKCU\Console


Values :Values Every Subkey contains at least one value But it may show (value not set) The default value (often undefined) Values have name, data type, and data


Hives :Hives A key with all its subkeys and values is called a hive The registry is stored on disk as several separate hive files Hive files are read into memory when the operating system starts (or when a new user logs on)


HiveList :HiveList HKLM\System\CurrentControlSet\Control\HiveList


Hardware Hive :Hardware Hive \Registry\Machine\Hardware has no associated disk file Windows Vista creates it fresh each time you turn your system on


HKCR and HKCU :HKCR and HKCU These keys are links to items contained in other root keys HKey_Classes_Root (HKCR) Merged from keys within HKLM\Software\Classes and HKU\sid_Classes sid is the security identifier of the currently logged on user HKey_Current_User (HKCU) HKU\sid


Avoiding Registry Mishaps :Avoiding Registry Mishaps Registry Editor changes the registry immediately No Undo command No File, Save command


Backing Up Before You Edit :Backing Up Before You Edit Registry Editor's File, Export Registry Hive format is recommended for backups Because it restores the entire hive exactly BUT if you restore it to the wrong key, it does a lot of damage


.reg Files :.reg Files You can export a registry key in Registration Files format Creates a .reg file Can be edited in notepad Right-click, Merge to insert values into registry


HKLM\System\CurrentControlSet :HKLM\System\CurrentControlSet This hive is so important, Windows backs it up To restore this hive, press F8 during bootup and use "Last Known Good Configuration"


We skipped pages 862 - 875 :We skipped pages 862 - 875