Unit 4 - Notes
Unit 4: PC Troubleshooting and Security
1. Software and Hardware Troubleshooting Concepts
Troubleshooting is a systematic process used to locate the cause of a fault in a computer system and correct the relevant hardware and software issues.
The CompTIA 6-Step Troubleshooting Methodology
To troubleshoot effectively, a standard methodology should be followed:
- Identify the problem: Question the user, identify any changes made to the computer, and review system logs.
- Establish a theory of probable cause: Question the obvious first. If applicable, conduct internal/external research.
- Test the theory to determine the cause: Once the theory is confirmed, determine the next steps. If the theory is incorrect, establish a new theory or escalate.
- Establish a plan of action: Formulate a plan to resolve the problem and implement the solution safely.
- Verify full system functionality: Ensure the issue is fixed and, if applicable, implement preventive measures.
- Document findings, actions, and outcomes: Record the problem and the solution for future reference.
Hardware Troubleshooting Concepts
Hardware issues typically prevent the system from booting properly or cause unexpected shutdowns.
- Power-On Self-Test (POST): The system's initial hardware check. Failures are often indicated by specific beep codes (e.g., one long beep and two short beeps indicating a video/RAM error) or hexadecimal codes on the motherboard.
- Component Isolation: Disconnecting non-essential components (peripherals, extra RAM, secondary storage) to isolate the failing hardware.
- Thermal Issues: Computers overheating may cause random reboots or system lock-ups. Checking fans, clearing dust, and reapplying thermal paste are standard fixes.
- Power Issues: A failing Power Supply Unit (PSU) can cause intermittent boot failures. Testing with a multimeter or PSU tester is required.
Software Troubleshooting Concepts
Software issues usually occur after the OS begins to load.
- Safe Mode: Booting the OS with a minimal set of drivers and services. If the system works in Safe Mode, the issue is likely a third-party application or driver.
- Driver Conflicts: Outdated or corrupted drivers can cause Blue Screen of Death (BSOD) errors. Rolling back or updating drivers via Device Manager is the standard fix.
- Application Errors: Utilizing tools like Event Viewer (in Windows) helps identify software crash logs and error codes.
2. Hardware Issues: Printers, Networks, and WiFi
Printer Troubleshooting
Printers involve complex mechanical and software components.
- Paper Jams: Caused by damp paper, worn-out pickup rollers, or incorrect paper paths. Ensure paper is fanned and rollers are cleaned with a damp cloth.
- Connectivity Issues:
  - Local Printers: Check USB cables and ports.
  - Network Printers: Ping the printer's IP address. Verify the print spooler service is running.
- Print Quality Issues:
  - Inkjet: Streaks indicate clogged print heads (run a cleaning cycle).
  - Laser: Vertical lines indicate a scratched imaging drum; ghosting indicates a failing fuser or cleaning blade.
- Print Spooler Errors: If print jobs get stuck in the queue, clearing the print queue and restarting the Print Spooler service via services.msc usually resolves the issue.
Network Troubleshooting
Wired networking issues usually stem from physical layer failures or misconfigurations.
- Physical Connections: Always check the easiest physical point of failure first. Look for link lights on the Network Interface Card (NIC) and the switch/router. No light indicates a dead cable, dead port, or disabled NIC.
- Cable Issues: Electromagnetic Interference (EMI) or damaged RJ45 connectors can cause intermittent packet loss.
- Configuration Issues: Incorrect static IP configurations or failed DHCP leases resulting in an Automatic Private IP Addressing (APIPA) address (e.g., 169.254.x.x).
WiFi Troubleshooting
Wireless networks are highly susceptible to environmental variables.
- Signal Interference: Microwave ovens, cordless phones, and neighboring routers (using the same frequency channels) can cause connection drops. Switching to a less congested channel (e.g., Channels 1, 6, or 11 on 2.4GHz) helps.
- SSID Visibility: If a network name (SSID) is hidden, the user must manually type the exact name and security type to connect.
- Authentication Errors: Caused by typing the wrong WPA2/WPA3 security key or by issues with the RADIUS server in enterprise environments.
- Limited Connectivity: A device may connect to the router via WiFi but have no internet. This requires restarting the router/modem to refresh the ISP connection.
3. IP Address Classes
An IP (Internet Protocol) address is a unique identifier for a device on a network. IPv4 addresses are 32-bit numbers divided into four 8-bit octets. Historically, IP addresses were divided into "Classes" to manage the allocation of networks and hosts.
| Class | Leading Octet Range | Default Subnet Mask | Use Case / Characteristics |
|---|---|---|---|
| Class A | 1 to 126 | 255.0.0.0 | Designed for massive networks. Supports 126 networks, each with over 16 million hosts. |
| Loopback | 127 | N/A | Reserved for loopback testing (e.g., 127.0.0.1 pings the local machine). |
| Class B | 128 to 191 | 255.255.0.0 | Designed for medium-to-large networks. Supports ~16,000 networks and ~65,000 hosts per network. |
| Class C | 192 to 223 | 255.255.255.0 | Designed for small networks. Supports over 2 million networks, but only 254 hosts per network. |
| Class D | 224 to 239 | N/A | Reserved strictly for Multicasting (sending data to multiple specific destinations simultaneously). |
| Class E | 240 to 255 | N/A | Reserved for experimental and research purposes. |
Note: Modern networks use CIDR (Classless Inter-Domain Routing) to overcome the rigid boundaries of IP address classes, allowing for more efficient use of IP addresses.
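The classful ranges in the table, applied to concrete addresses (an added example, not part of the original notes; the function name classify and the sample addresses are illustrative assumptions). It derives the per-network host counts from the default mask and flags an APIPA address, which sits in the Class B range by its leading octet but signals a failed DHCP lease:

```python
import ipaddress

# (lowest first octet, highest first octet, label, default prefix length)
# Ranges are taken from the table above; prefix None means "no default mask".
CLASS_RANGES = [
    (1, 126, "A", 8),
    (127, 127, "Loopback", None),
    (128, 191, "B", 16),
    (192, 223, "C", 24),
    (224, 239, "D", None),
    (240, 255, "E", None),
]


def classify(addr_text):
    """Return the classful interpretation of a dotted-quad IPv4 address."""
    addr = ipaddress.IPv4Address(addr_text)  # raises ValueError if malformed
    first_octet = int(addr) >> 24
    label, prefix = "outside table (0.x.x.x)", None
    for low, high, name, default_prefix in CLASS_RANGES:
        if low <= first_octet <= high:
            label, prefix = name, default_prefix
            break
    info = {
        "address": str(addr),
        "class": label,
        "mask": None,
        "network": None,
        "usable_hosts": None,
        # 169.254.0.0/16 is the APIPA (link-local) block
        "apipa": addr.is_link_local,
    }
    if prefix is not None:
        # strict=False lets us pass a host address and get its network back
        net = ipaddress.IPv4Network(f"{addr}/{prefix}", strict=False)
        info["mask"] = str(net.netmask)
        info["network"] = str(net.network_address)
        # subtract the network and broadcast addresses
        info["usable_hosts"] = net.num_addresses - 2
    return info


if __name__ == "__main__":
    # Constructed sample addresses
    for sample in ("10.20.30.40", "172.16.5.9", "192.168.1.77",
                   "169.254.12.9", "127.0.0.1", "224.0.0.251"):
        print(classify(sample))
```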
4. Security: Firewalls and Anti-Virus
Firewalls
A firewall is a network security device or software that monitors and filters incoming and outgoing network traffic based on an organization's previously established security policies.
- Hardware Firewalls: Dedicated appliances placed between a private network and the internet. They protect the entire network.
- Software Firewalls: Installed on individual operating systems (e.g., Windows Defender Firewall). They protect only the host machine.
- Stateless vs. Stateful: Stateless firewalls filter each packet on its own, based solely on source/destination IPs and ports. Stateful firewalls monitor the entire state of active connections and can reject packets that do not belong to an established connection, making them much more secure.
- Port Blocking: Firewalls block malicious traffic by closing vulnerable network ports (e.g., blocking port 3389 to prevent unauthorized Remote Desktop access).
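The difference between stateless and stateful filtering, together with port blocking, shown on a few packets (an added example, not part of the original notes; the packet model, the rule set, and all addresses are constructed for illustration). The stateless rule "allow inbound traffic whose source port is 443" admits an unsolicited packet, while the stateful filter only admits the mirror image of a connection the host opened:

```python
from collections import namedtuple

Packet = namedtuple("Packet", "direction src sport dst dport")

HOST = "192.168.1.10"            # constructed internal host
BLOCKED_INBOUND_PORTS = {3389}   # Remote Desktop, as in the notes above


def stateless_allow(pkt):
    """Judge each packet in isolation, using only its addresses and ports."""
    if pkt.direction == "out":
        return True
    if pkt.dport in BLOCKED_INBOUND_PORTS:
        return False
    # Typical stateless "let web replies back in" rule
    return pkt.sport == 443


class StatefulFirewall:
    """Track outbound connections; admit inbound packets only as replies.
    Simplification: entries never expire and TCP flags are not modelled."""

    def __init__(self):
        self.connections = set()  # (local ip, local port, remote ip, remote port)

    def allow(self, pkt):
        if pkt.direction == "out":
            self.connections.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        if pkt.dport in BLOCKED_INBOUND_PORTS:
            return False
        # Inbound must mirror a tracked outbound connection
        return (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.connections


# Constructed traffic
TRAFFIC = [
    Packet("out", HOST, 50001, "203.0.113.5", 443),  # host opens HTTPS session
    Packet("in", "203.0.113.5", 443, HOST, 50001),   # genuine reply
    Packet("in", "198.51.100.9", 443, HOST, 50002),  # unsolicited, looks like a reply
    Packet("in", "198.51.100.9", 443, HOST, 3389),   # aimed at a blocked port
]


def compare(traffic):
    """Return (stateless verdict, stateful verdict) for each packet."""
    firewall = StatefulFirewall()
    return [(stateless_allow(p), firewall.allow(p)) for p in traffic]
```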
Anti-Virus Protection Concepts
Anti-virus (AV) software detects, prevents, and removes malicious software.
- Signature-Based Detection: The AV relies on a database of known virus "signatures" (unique code snippets). This requires constant database updates to remain effective.
- Heuristic Analysis: The AV analyzes the behavior of a program. If a program attempts suspicious activities (like rewriting system files), it is flagged, allowing the AV to catch zero-day (unknown) viruses.
- Real-Time Protection: The AV constantly runs in the background, scanning files the moment they are opened, downloaded, or executed.
- Quarantine: When a virus is found, the AV moves it to an isolated, encrypted folder where it cannot execute, preventing system damage while allowing the user to review it.
Anti-Virus Installation
Proper installation ensures maximum security without crippling system performance.
- Remove Old AV Software: Running two active AV programs simultaneously causes severe system lag and software conflicts. Always uninstall previous security software completely.
- Download from a Trusted Source: Ensure the installer is downloaded directly from the vendor.
- Install and Update Immediately: The software must be updated with the latest virus definition files right after installation.
- Run a Full System Scan: Perform an initial deep scan to establish a clean baseline.
USB Anti-Virus Scanning
Removable media (USB flash drives) are primary vectors for malware transmission.
- Autorun/Autoplay Vulnerability: Historically, malware utilized the autorun.inf file to execute silently the moment a USB drive was plugged in. Disabling Autoplay in the OS is a critical security step.
- On-Access USB Scanning: Modern AV software can be configured to automatically prompt for a scan or silently scan the root directory of a USB drive as soon as it is mounted by the OS.
- Manual Scanning: Users should right-click the USB drive in the File Explorer and select "Scan with [AV Name]" before opening any files.
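A check a technician can run on a mounted drive before opening anything on it (an added example, not part of the original notes; the function names and the sample file are constructed). It looks for autorun.inf in the drive root and lists the entries in its [autorun] section that name a program to launch (the open, shellexecute, and shell\...\command keys):

```python
import os
import tempfile

LAUNCH_KEYS = ("open", "shellexecute")


def autorun_findings(drive_root):
    """Return (key, command) pairs from autorun.inf that would start a program."""
    target = None
    for name in os.listdir(drive_root):
        if name.lower() == "autorun.inf":   # Windows treats the name case-insensitively
            target = os.path.join(drive_root, name)
    if target is None:
        return []
    findings, section = [], ""
    with open(target, encoding="latin-1") as handle:  # accepts any byte values
        for raw in handle:
            line = raw.strip()
            if not line or line.startswith(";"):      # blank line or comment
                continue
            if line.startswith("[") and line.endswith("]"):
                section = line[1:-1].strip().lower()
                continue
            if section != "autorun" or "=" not in line:
                continue
            key, value = (part.strip() for part in line.split("=", 1))
            key = key.lower()
            if key in LAUNCH_KEYS or (
                key.startswith("shell\\") and key.endswith("\\command")
            ):
                findings.append((key, value))
    return findings


def demo():
    """Build a constructed drive root in a temp directory and inspect it."""
    with tempfile.TemporaryDirectory() as root:
        with open(os.path.join(root, "AutoRun.inf"), "w") as handle:
            handle.write(
                "; constructed sample file\n"
                "[AutoRun]\n"
                "OPEN = setup.exe /quiet\n"
                "icon=drive.ico\n"
                "shell\\open\\command=tools\\helper.exe\n"
                "[Other]\n"
                "open=ignored.exe\n"
            )
        return autorun_findings(root)
```

An empty result means no launch entries were found; it does not replace the AV scan of the drive.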
5. System Recovery: Restore Points
Restore Point Concepts
A Restore Point is a saved "snapshot" of a computer's system files, Windows registry, system settings, and installed applications at a specific point in time.
- Purpose: If a system becomes unstable due to a bad driver update, registry corruption, or malware, the user can revert the system back to the state it was in when the restore point was created.
- What it does NOT do: System Restore is not a data backup tool. Reverting to a restore point does not delete, recover, or alter personal files (documents, photos, emails). It only affects system files and programs.
- Volume Shadow Copy: System Restore relies on the Windows Volume Shadow Copy service to create these snapshots while the system is actively running.
Restore Point Creation
Restore points are created automatically before major system events (like a Windows Update or a new software installation) but can also be created manually.
Manual Creation Process in Windows:
- Open the Start menu and search for "Create a restore point".
- This opens the System Properties window on the System Protection tab.
- Ensure the target drive (usually C: (System)) has System Protection set to On. If not, click Configure and enable it, allocating a percentage of disk space for snapshots.
- Click the Create... button at the bottom of the window.
- Type a descriptive name for the restore point (e.g., "Before installing new GPU drivers").
- Click Create. The system will take a few moments to save the registry and system state.
6. System Performance Tools
Operating systems come with built-in utilities designed to monitor, maintain, and optimize computer hardware and software performance.
Task Manager
The primary tool for real-time monitoring of system resource utilization.
- Processes Tab: Displays running applications and background processes, showing how much CPU, Memory, Disk, and Network bandwidth each is consuming.
- Performance Tab: Provides graphical representations of hardware utilization (CPU speed/cores, RAM usage, Disk read/write speeds).
- Startup Tab: Allows users to disable programs that launch on boot, significantly improving boot times and reducing background resource drain.
Resource Monitor
A more granular and advanced version of the Task Manager. It allows technicians to see exactly which files a process is writing to the disk, which IP addresses a program is communicating with over the network, and detailed memory faults.
Disk Defragmenter / Optimize Drives
Over time, files on a Hard Disk Drive (HDD) become scattered across the physical platter (fragmentation), increasing read/write times.
- HDD Defragmentation: Reorganizes data so that related file sectors are contiguous, speeding up mechanical read times.
- SSD Optimization: Solid State Drives (SSDs) do not need defragmentation (doing so degrades their lifespan). Instead, the tool sends a TRIM command to the SSD, which tells the drive to wipe deleted data blocks, keeping write speeds high.
Disk Cleanup / Storage Sense
A utility to free up storage space by safely deleting unnecessary files.
- Clears temporary internet files, Windows error memory dumps, and the Recycle Bin.
- Capable of removing "Previous Windows Installations" (Windows.old folder) after a major OS upgrade, often freeing up gigabytes of space.
Performance Monitor (PerfMon)
An advanced tool used to gather long-term metrics. Technicians can set up Data Collector Sets to log hardware performance over hours or days. This is highly useful for troubleshooting intermittent bottlenecks (e.g., finding out why a server slows down only at 2:00 PM every day).
Event Viewer
A centralized log service that records everything happening within the operating system.
- Divided into Application, Security, Setup, and System logs.
- Essential for troubleshooting hardware failures (like a disk experiencing read errors) or unexpected software crashes by searching for red "Error" or "Critical" events.