Advanced Troubleshooting Techniques

Chris Conlon - Fall 2002
Macintosh
► Have your system CD
► Dump Prefs
Windows
► 2 Easy Steps
  ▪ Reformat
  ▪ Reinstall
Overview of Topics
► Troubled beginnings - when computers don’t start
► Lost but not forgotten - Data Recovery
► Your friend and mine - the Registry Editor
► How to succeed as a UA without really trying - Automating Tasks
Troubled Beginnings
Fixing Startup Errors
If you can’t get to Windows
► Safe Mode - F8
► Boot off of the CD
  ▪ Recovery Console (2k/XP) vs Repair Option
  ▪ Security Policy Setting – otherwise you’re locked out
► BIOS
  ▪ Delete, F1, F2
  ▪ Escape first to disable silent boot
► Quick boot is the enemy
  ▪ Resetting the NVRAM/PnP data
  ▪ Boot Sector virus protection vs OS reinstall
► Check Beep Codes – RAM or Video Card?
  ▪ Doc Memory on Tools CD – RAM testing
Basics - Tools of the Trade
► MSConfig
  ▪ Best method - easily repaired
    ► Startup Group and Run and Run- key
    ► Services in NT/2000/XP
    ► .INI Files
Basics - Tools of the Trade
► Sysedit
  ▪ Can edit old startup files
    ► Autoexec.bat, Config.sys, System.ini, win.ini
    ► Good for Multimedia drivers, and old things
    ► That pesky Norton Uninstall (navapw32.dll is missing…)
Startup CPL
► Installed as control panel utility
► Similar to MSConfig
► Easy to use
Analyzing the Boot Log
► Use the BLA on the Tools CD
► Reads the Bootlog.txt file generated by Windows and “decodes” it.
► Maybe it’s useful to you…
That Pesky Driver
Windows installs the same bad driver over and over….
► Finding the hidden folder
  ▪ C:\windows\inf\cat
  ▪ Deleting the .inf file
  ▪ Only works for unsigned drivers not shipped on windows CD
► Delete from device manager
► Always try to “Update Driver” not “Reinstall Driver”
Escaping DLL-Hell
► DLL Show Utility on PC CDs
When all else fails…the BIOS
► Entering the BIOS
► Seek and Destroy!
  ▪ Eliminate Quick Boot
  ▪ Turn off Power Saving
  ▪ Resetting PnP Data
► Disabling un-needed peripherals
  ▪ IR, COM, Parallel, integrated
► Low-Level Format
Showing Hidden Devices
► Use the registry file on tools CD to show hidden devices in device manager
► What’s a hidden device you ask?
  ▪ Unplugged PC Cards or USB devices, etc.
  ▪ “Ghosting” network adapters
Lost but not forgotten…
Data Recovery…
Spying on Yourself
Security Tools
Port Scanning
► Port Scanning yourself is a good way to look for trojans
1. Superficial – netstat /a
   ► Listening
   ► Established
   ► Port #’s
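The netstat check on this slide, as an added example that is not part of the original presentation: a Python parser that lists listening ports outside a known baseline and any established sessions on those ports. The sample output is constructed, in the numeric `netstat -an` form, and `EXPECTED_PORTS` is an assumed baseline for the machine being checked.

```python
# Added example (not from the original slides): triage Windows netstat output.
# SAMPLE is constructed; EXPECTED_PORTS is an assumed per-machine baseline.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:31337          0.0.0.0:0              LISTENING
  TCP    192.168.1.20:139       0.0.0.0:0              LISTENING
  TCP    192.168.1.20:1043      192.168.1.5:80         ESTABLISHED
  TCP    192.168.1.20:31337     203.0.113.9:4021       ESTABLISHED
  UDP    0.0.0.0:445            *:*
  UDP    192.168.1.20:137       *:*
"""

EXPECTED_PORTS = {135, 137, 139, 445}


def parse_netstat(text):
    """Yield (proto, local_ip, local_port, remote, state) per socket line."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue  # banner, column header, or blank line
        proto, local, remote = fields[:3]
        state = fields[3] if len(fields) > 3 else ""  # UDP rows carry no state
        ip, _, port = local.rpartition(":")  # rpartition also copes with [::]:135
        if port.isdigit():
            yield proto, ip, int(port), remote, state


def review(text, expected=EXPECTED_PORTS):
    """Return (unexpected listeners, established sessions on those ports)."""
    rows = list(parse_netstat(text))
    listeners = sorted({(p, port) for p, _, port, _, st in rows
                        if (st == "LISTENING" or p == "UDP") and port not in expected})
    bad_ports = {port for _, port in listeners}
    sessions = [(port, remote) for _, _, port, remote, st in rows
                if st == "ESTABLISHED" and port in bad_ports]
    return listeners, sessions


if __name__ == "__main__":
    unexpected, sessions = review(SAMPLE)
    for proto, port in unexpected:
        print(f"unexpected listener: {proto}/{port}")
    for port, remote in sessions:
        print(f"  in use: local port {port} <- {remote}")
```

An unexpected listener is only a lead: confirm which program owns the port before treating it as a trojan.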
Active Port
► Does not seem to work well with 2k/XP
► Basic Port Scanning for older systems
  ▪ Reasonable at looking for Trojans
SpyWorks or SpyWare?
► Very Robust suite of something
► Port Scanning
► Intrusion Detection Tools
► Intrusion Defense Tools
► Key loggers and other sketchiness
Hard Disk Troubles
► Using Norton 2002
  ▪ Disk Doctor (FAT32 Preferred)
    ► Repairs errors
  ▪ Limitations under NTFS
► Scandisk v. chkdsk /f
► fdisk, format (boot disk)
  ▪ Lose all data and start over (6mo)
► FAT32 v. NTFS
  ▪ Fdisk /mbr (when switching OS’s)
► DelPart.exe – Win 9x over NT/2K
  ▪ Low level format
Scandisk and Chkdsk /f
► Scandisk fixes simple errors on floppies and HD’s (First Line of Defense)
  ▪ Doesn’t fix things very well
► Chkdsk /f
  ▪ Scorched Earth data recovery
  ▪ Makes a mess - last resort
Norton UnErase
► 2 Ways for HD’s
  ▪ Recycle Bin Protection
  ▪ Boot off the CD – works very well
    ► Can recover DELETED files quickly and VERY effectively
    ► Use NDD to recover Damaged files first
Floppy Recovery
► Same Basics, scandisk, chkdsk /f, ndd
► Can also use hex editor to grab TEXT ONLY from files.
  ▪ Slow and Tedious
  ▪ Use searching
► Winhex on Tools CD
How to succeed as a UA without really trying…
Automating Tasks (or borrowing)
Network Enema
► New for Fall 2002
► Safer on Windows XP
► Less filling same great taste
The Big Finale…
This year’s new tool!!!
Which would you rather have?
► Netconfig.exe
  ▪ Instantly enables DHCP
  ▪ Removes Proxy Settings
  ▪ Configures for LAN
  ▪ Removes DNS entries
  ▪ Removes Static IP
  ▪ Releases and Renews
  ▪ No reboot – runs in 10s
Additional Resources
► AdvTeam webpage
► Chris’ webpage (http://fas/~cconlon) IE only!
► www.driverguide.com (drivers:all)
► www.regedit.com