3.1 Given a scenario, troubleshoot Microsoft Windows OS Problems
Applying a systematic approach to software troubleshooting is the key to solving all problems. But always remember to question the obvious and do the simple things first! There’s never a dumb solution.
Preventative maintenance can really stop a large percentage of the problems from occurring to begin with.
Windows-based OS issues can be grouped into a dozen categories:
Common Symptoms
Slow Performance
The performance of your system will inevitably slow down over time. This could be due to a multitude of causes, ranging from bad Windows updates to plain ole malware!
The first step to solving slow performance is to identify what computer component is being impacted by the slowness. Once you isolate which critical component is being affected, you can then come up with a plan to solve it.
Check out this list of critical components that can be affected by slow performance:
CPU
A symptom of poor CPU performance is the slow execution of applications (your apps are running very slowly).
Basically, this means that you have an application (or several) that’s running your computer ragged! End Task it in Task Manager.
You may hear your CPU fan run higher than normal if your PC starts to heat up.
RAM
Sometimes an OS may run out of RAM if you have too many applications running at one time.
Can also be caused by a single application that needs a ton of RAM; e.g., a database.
Applications will also be very slow to load.
Disk
A symptom of poor hard disk drive performance is the thrashing of the drive heads on the platters of the drive.
Thrashing occurs when there is excessive movement of the drive arm to locate information on the disk. Basically, the hard drive is trying too hard to do its job, and it’s pretty noisy.
Now, disk problems can be caused by excessive fragmentation, high RAM usage, or a high volume of drive usage by applications (Ex. Video editing software).
Network
Symptoms of slow, poor network performance are slow loading web pages, network applications that load slowly, and even timeouts.
If you’re using wi-fi, slow network issues can be caused by poor signal strength.
If you’re using a wired connection (ethernet) poor network performance can be directly related to the LAN (local area network).
The source of the slowness can also be caused by something outside of your network.
Graphics
Symptoms of poor GPU performance are usually related to slow-running video games and playback of videos.
Whenever you play a very taxing high-end video game, it puts a lot of strain on the GPU card to keep up with the graphical standards.
This strain causes the PC to slow down dramatically to try to keep up with the FPS (Frames Per Second).
Tools you can use to isolate the problem area, so you can concentrate your attention on correcting the problem:
Task Manager
Task Manager is the first tool you should start up, and the Performance and Processes tabs are the ones to open.
Performance Tab
You can use this tab to view a visual representation of 4/5 critical areas of the PC and view their status.
Here, you can look for any signs of problems by looking at the CPU, Memory, Disk, Ethernet, and GPU utilization graphs.
If you see higher-than-normal utilization in any of these key areas, check the Startup tab to see if there are any programs that are not frequently used and are consuming resources.
If need be, disable those programs at start up.
Processes Tab
You can then perform the same evaluation using the Processes tab.
Here on the Processes tab the running apps appear normal, while the Background processes may represent a reasonable amount of memory that could be freed.
Go through and audit the Processes tab to see which background processes are using an abnormal amount of data, and end them if need be.
This will speed up the performance.
Resource Monitor
Resource Monitor gives you a much more detailed view than what is displayed in Task Manager.
This tool allows you to read real-time performance data on every process on the OS.
This tool visualizes and graphs all of the data on the computer.
Limited Connectivity
When you have limited connectivity, the Windows OS will display a yellow triangle on the icon for the network in the lower-right corner of the screen.
This means that you have a network connection, but you’re not able to reach the public internet.
Troubleshooting Steps
Find out if you’re actually connected to the LAN (Local Area Network) before you troubleshoot further.
Do this by typing in ipconfig in the command prompt. This will show all the local network configuration settings, like your PC’s local IP address, default gateway, and subnet mask.
Verify that the correct IP configuration settings are in place.
Verify that the IP configuration scheme for the IP address, subnet mask, and default gateway are properly configured.
Find a PC that’s able to get full internet connectivity; compare the IP configuration settings against the PC that’s getting limited connectivity.
Ping the IP address of the PC w/ Limited Connectivity
Go to the command prompt and ping the IP address of the PC w/ Limited Connectivity.
Do this by typing in ping [IP Address] into the command prompt.
Ping the default gateway
Then, finally ping the good PC that has complete internet access from your command prompt
If you’ve done all this, and everything pings back and is properly configured, you’re connected to the local network.
Once you’ve established that you have a connection to the local network...
Ping a website that’s out on the internet
Use Google as a test dummy website: ping IP address 8.8.8.8
If you can’t ping Google, then that means there’s something wrong with your router (default gateway) or some external problem.
Take it one step further and ping Google (8.8.8.8) from a PC with a good internet connection.
If the good PC fails to ping 8.8.8.8, then it’s probably your whole local network of computers that’s having limited connectivity issues.
Disconnect from the network and reconnect.
This simple “unplug and plug back in” method works a good bit of the time.
Different causes of Limited Connectivity
Wrong SSID
The problem PC may be connected to the wrong SSID.
Connecting to the wrong SSID would place the PC in the wrong network.
Static IP address Configured
A static IP address may be configured that is preventing the client from communicating on the local network and internet
Internet Router Problems
If all clients are having issues getting to the internet, then the Internet router may be at fault.
It can sometimes be a firewall rule for outbound traffic.
Always compare the nonworking host to a working host to help figure out exactly what’s wrong
External Internet Router Problems
Using tools such as ping and tracert can help verify a problem on the external network.
ping is used to see if a PC can reach a network, either LAN or WAN.
tracert is used to follow the path, router by router, that traffic takes to get to the internet.
DNS Resolution Problems
Sometimes name resolution can be the cause of limited connectivity.
DNS is used to translate between an actual website name and its IP address (four octets of numbers).
Sometimes this doesn’t work the way it should.
Use nslookup to test a name resolution
3rd-Party Software
Sometimes third-party software such as antivirus and anti-malware products can interfere with network connectivity.
Temporarily disable them and test network connectivity to see if the problem disappears.
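The troubleshooting steps above (ipconfig, ping the PC, the gateway, a good PC, then 8.8.8.8) and the nslookup check under DNS Resolution Problems, combined into one PowerShell script. This is an added example, not part of the original notes; it assumes Windows 8 or later, and the peer address 192.168.1.20 and the name www.google.com are placeholders to replace.

```powershell
# Added example: runs the checks from the troubleshooting steps in order.
param(
    [string]$PeerAddress  = '192.168.1.20',   # hypothetical known-good PC on your LAN
    [string]$InternetHost = '8.8.8.8',        # public address used in the notes
    [string]$TestName     = 'www.google.com'  # assumed name for the nslookup-style check
)

function Test-Reachable([string]$Address) {
    # Two echo requests; -Quiet returns $true/$false instead of reply objects.
    [bool](Test-Connection -ComputerName $Address -Count 2 -Quiet -ErrorAction SilentlyContinue)
}

# Step 1: the data ipconfig shows, taken from the first adapter with a gateway.
$cfg = Get-NetIPConfiguration | Where-Object { $_.IPv4DefaultGateway } | Select-Object -First 1
if (-not $cfg) {
    Write-Output 'No adapter has an IPv4 default gateway: check the cable or SSID, DHCP, and any static IP.'
    return
}
$localIp = $cfg.IPv4Address[0].IPAddress
$gateway = $cfg.IPv4DefaultGateway[0].NextHop
Write-Output "Adapter: $($cfg.InterfaceAlias)  IP: $localIp  Gateway: $gateway"

# Next steps: ping outward one hop at a time, then test name resolution.
$checks = [ordered]@{
    Self     = Test-Reachable $localIp
    Gateway  = Test-Reachable $gateway
    Peer     = Test-Reachable $PeerAddress
    Internet = Test-Reachable $InternetHost
    Dns      = $false
}
try {
    Resolve-DnsName -Name $TestName -ErrorAction Stop | Out-Null
    $checks.Dns = $true
} catch {
    $checks.Dns = $false
}
foreach ($name in $checks.Keys) {
    '{0,-9} {1}' -f $name, $(if ($checks[$name]) { 'OK' } else { 'FAIL' })
}

# Read the results from the inside out: the first failure is where to look.
# A failed Peer ping alone proves little, because a PC's firewall can drop echo requests.
if     (-not $checks.Self)     { 'Local TCP/IP or adapter problem on this PC.' }
elseif (-not $checks.Gateway)  { 'Cannot reach the default gateway: wrong SSID, bad static IP, or a LAN fault.' }
elseif (-not $checks.Internet) { 'LAN works but the internet does not: router, outbound firewall rule, or an external problem. Repeat from the known-good PC.' }
elseif (-not $checks.Dns)      { 'Addresses are reachable but names do not resolve: DNS problem.' }
else                           { 'All checks passed.' }
```

Run it on both the problem PC and a working PC and compare the output line by line.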
Failure to Boot
Several Files are used to complete the boot up process
Windows Boot Manager
This file (BOOTMGR) starts the process of loading the entire OS on the computer.
Master Boot Record
The Master Boot Record (MBR) is the first 512 bytes of a hard drive.
Contains the partitioning information for a drive.
Use the command bootrec /fixmbr to repair the master boot record.
BCD
The BCD (Boot Configuration Data) holds information about any OS installed on the computer, such as the location of the OS files
winload.exe
File used to boot Windows; it loads the operating system kernel.
winresume.exe
If the system is not starting a brand new session, but only picking up a session where you left off, winresume.exe is run by BOOTMGR.
ntoskrnl.exe
The Windows OS kernel is the heart of the OS.
It’s responsible for giving applications access to the PC’s hardware
ntbtlog.txt
The boot log: Windows stores a log of boot-time events in this file.
Let’s look at how you can collect information to identify the boot failure problem. We’ll consider this in two parts: Hardware & Software.
The hardware process begins with the POST
You can collect information from the POST tests’ (BIOS & UEFI) firmware using 3rd-party system event log (SEL) viewers.
However, it is very unlikely that a boot failure occurs because of a BIOS/UEFI firmware (hardware) issue.
The software portion begins with the BOOTMGR
To collect information on the software part of the boot process, you’ll have to use boot logging.
Boot logging is off by default and needs to be turned on.
Through boot logging, you’ll see exactly which part of the software is causing the boot failure, because each piece of software that’s loaded during the boot process is documented in the ntbtlog.txt file.
The ntbtlog.txt file is located at the base of the C:\Windows folder. Review this file to figure out which software is causing the boot failure.
Use System Configuration (msconfig.exe) to...
Turn on boot logging by going to the Boot tab of System Configuration (msconfig).
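A PowerShell script for reviewing ntbtlog.txt once boot logging is on. This is an added example, not part of the original notes; the sample log is constructed, and the line format it expects (a "Microsoft (R) Windows" header per logged boot, then BOOTLOG_LOADED / BOOTLOG_NOT_LOADED entries, or the older "Loaded driver" / "Did not load driver" wording) is an assumption to check against your own file.

```powershell
# Added example: summarize the last logged boot and compare it with the one before.
param([string]$Path)   # e.g. C:\Windows\ntbtlog.txt; omit to use the constructed sample

# Constructed sample (not from a real machine): two logged boots.
$sample = @'
Microsoft (R) Windows (R) Version 10.0 (Build 19045)
 3 14 2023 09:12:33.500
BOOTLOG_LOADED \SystemRoot\system32\ntoskrnl.exe
BOOTLOG_LOADED \SystemRoot\System32\drivers\disk.sys
BOOTLOG_LOADED \SystemRoot\System32\drivers\examplenic.sys
BOOTLOG_NOT_LOADED \SystemRoot\System32\drivers\dam.sys
Microsoft (R) Windows (R) Version 10.0 (Build 19045)
 3 15 2023 08:01:02.250
BOOTLOG_LOADED \SystemRoot\system32\ntoskrnl.exe
BOOTLOG_LOADED \SystemRoot\System32\drivers\disk.sys
BOOTLOG_NOT_LOADED \SystemRoot\System32\drivers\examplenic.sys
BOOTLOG_NOT_LOADED \SystemRoot\System32\drivers\dam.sys
'@

$lines = if ($Path) { Get-Content -LiteralPath $Path } else { $sample -split "`r?`n" }

# Split the file into one record per logged boot.
$boots   = New-Object System.Collections.Generic.List[object]
$current = $null
foreach ($line in $lines) {
    if ($line -match '^Microsoft \(R\) Windows') {
        $current = [pscustomobject]@{ Header = $line; Loaded = @(); NotLoaded = @() }
        $boots.Add($current)
    } elseif ($current -and $line -match '^(BOOTLOG_LOADED|Loaded driver)\s+(.+)$') {
        $current.Loaded += $Matches[2].Trim()
    } elseif ($current -and $line -match '^(BOOTLOG_NOT_LOADED|Did not load driver)\s+(.+)$') {
        $current.NotLoaded += $Matches[2].Trim()
    }
}
if ($boots.Count -eq 0) {
    Write-Output 'No boot sessions found: is boot logging turned on?'
    return
}

$last    = $boots[$boots.Count - 1]
$skipped = @($last.NotLoaded | Sort-Object -Unique)
Write-Output "Last logged boot: $($last.Loaded.Count) loaded, $($skipped.Count) not loaded"

if ($boots.Count -ge 2) {
    $prev = $boots[$boots.Count - 2]
    # Drivers that loaded on the previous boot but not on this one are the first suspects.
    # Entries skipped on both boots are usually drivers Windows did not need.
    $regressed = @($skipped | Where-Object { $prev.Loaded -contains $_ })
    if ($regressed.Count) {
        Write-Output 'Loaded last time, not loaded this time:'
        $regressed | ForEach-Object { "  $_" }
    } else {
        Write-Output 'No driver stopped loading since the previous logged boot.'
    }
} else {
    Write-Output 'Only one logged boot; not-loaded entries:'
    $skipped | ForEach-Object { "  $_" }
}
```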
No OS Found
Most of the time when the machine displays “operating system not found” it is due to the incorrect boot order being set in the BIOS/UEFI.
Check to see if there are any USB or removable drives connected to the computer; the PC may be reading this media during the boot process before accessing the hard drive.
If that’s the case, remove the media and reboot.
If your BIOS/UEFI is in fact configured to boot from the hard drive, but the PC is still displaying “No OS found”, this may be a sign that your PC can’t read your hard drive and your hard drive is failing.
Application Crashes
When an application crashes, you want to isolate the cause of the crash and solve it.
It could be a compatibility issue, a hardware issue, or a host of other problems.
Also try reinstalling the application to see if errors disappear.
One step is to take an early look at updates/patches/fixes that are rolled out to the application by the vendor.
Try these updates out on a test machine before rolling them out to all the machines, and verify that they actually fix the problem and not just make more.
Tools used to troubleshoot application problems
Reliability Monitor
Allows you to see application crashes and the times/dates they occurred.
Allows you to see what updates were installed before and after it crashed.
Event Viewer
This tool has Windows event logs and information about Microsoft-based application problems.
Check out the application log to see what crashed and why.
Blue Screens
BSOD (Blue Screen of Death) is the blue screen error condition that occurs when Windows fails to boot properly or quits unexpectedly.
Research the error code given
If a BSOD appears at boot, then it means that there’s a misconfigured driver or misconfigured hardware that’s causing the issue.
You can try a few things if you think the driver is the cause of the BSOD
Boot into Safe Mode and uninstall the driver(s) you think are causing the problem.
Boot into the Windows Recovery Environment, use System Restore, and choose a past restore point from before all of the problems started happening.
Try to reseat some internal hardware like the RAM or hard drives and reboot.
Run hardware diagnostics.
Blank Screens
This is a common problem when the OS resolution is higher than the monitor can handle
This happens if you have replaced the original monitor with a new monitor.
Windows might not recognize the various resolution modes that the new monitor can display.
If this does end up happening, try to reconnect the original monitor and lower resolution in the display settings.
Check all the physical connections and make sure nothing has come loose or is disconnected.
Press Windows key + Shift + Ctrl + B at the same time; this will send a wake signal to the display.
Hold the power button down for 5 to 10 seconds to perform a forced shutdown.
Update the video driver in Safe Mode.
Printing Issues
Printing issues at the software level are very common and sometimes difficult to fix.
Collecting information to identify the problem is the first step to solving the problem.
Check obvious stuff
Is the printer on?
Is the printer online?
Is everything plugged in correctly?
Are there any errors on the printers?
Does the OS see the printer?
Reboot the PC. Never rule a reboot out!
Next step is to try to print a test page.
If the test page prints, then the problem might be the application you’re trying to print from itself.
A common problem with applications (like Word) is that they require a specific paper size when printing a document, and the document may be misconfigured for the wrong paper size.
If the test page fails, then:
The driver might need to be upgraded, reinstalled, or rolled back.
Restart the print spooler.
Check the Print Management MMC for detailed information on the printers.
Services fail to Start
A service’s failure to start is directly related either to another application installed with conflicting resources or to a misconfiguration of the service.
The first place to start the isolation process is the Event Viewer.
Here you can check the system log for error codes.
If a service is conflicting with another resource
we recommend that you reinstall the software that caused the service to fail.
If the service fails to start because of a misconfiguration, the most likely cause is the user account that the service is configured to start with.
If a misconfigured account is the problem, you will see an event ID of 700 in Event Viewer; the description will say “the service failed due to a login failure”.
Check to see if the service is configured to start automatically or manually.
Slow Bootup
Slow bootups caused by software can be identified by enabling the boot logging feature in system configuration.
By enabling boot logging, you can examine the ntbtlog.txt file for any abnormalities that may be slowing down the boot up process.
You can also use the system configuration (msconfig) tool to identify more slow bootup problems
By selecting the selective startup option in the system configuration utility, you can choose not to start system services and load startup items; only critical services will load.
You can then add unnecessary services back one-by-one to go through the process of elimination to figure out which service is slowing the boot up process down.
Slow Profile Load
Roaming user profiles are common in larger corporate environments
Every time a user logs onto a different computer with a roaming profile, their entire profile is loaded onto said computer.
This can cause network latency issues due to the amount of effort from the network to load huge profiles onto new computers.
Delete any temporary internet files in both Edge and Internet Explorer, and delete any old downloaded files, to give the network some breathing room when loading a new roaming profile.
Local profiles can be slow to load because of all the applications that are programmed to start at startup.
Use Task Manager to disable startup items.
By using the process of elimination and after several logouts and logins, you can narrow down the performance problem caused by slow-loading local profiles
Delete all the extra bloated local profiles in the registry.
Common Solutions
Defragment the Hard drive
Workstations with conventional spinning hard drive disks (HDD) eventually slow down because the file system is fragmented.
Defragmenting the hard drive can speed up performance because the head needs to travel less to read the data.
Always run the disk cleanup utility before you run a disk defragmentation.
Disk Cleanup Utility allows you to delete internet files and other unneeded files
Reboot
Rebooting systems often takes care of a multitude of problems
Rebooting terminates hung processes gracefully, allowing the processes to restart normally.
Rebooting helps determine whether or not an issue is a recurring one.
Ex. If you’ve isolated the problem to Excel, you should try to reboot and reproduce the problem. If a reboot fixes the problem, then that’s it; you’re done. If the problem still persists after rebooting, you’ve now isolated the issue to a single program, Excel, while eliminating all other programs.
Kill Tasks
Sometimes a task must be terminated because it is frozen or unresponsive.
Killing tasks should be a last resort because the risk of losing work is very high.
Use either task manager or resource monitor to kill processes (tasks)
How to kill tasks
Use the /IM switch with the program’s image name:
taskkill /IM [program name], for example taskkill /IM notepad.exe
Or use the /PID switch with the process ID: taskkill /PID [PID#], for example taskkill /PID 2201
Restart Services
Services don’t normally need to be restarted, but on occasion, a change will be made that could make them crash.
Run the services MMC as an admin and find the service that needs to be restarted, and restart it.
Update network settings
When you experience network-related issues within the Windows OS, the first step in diagnosing the problem is to view the network settings.
You can view the current network settings by opening a command prompt and typing ipconfig /all
From here, you can compare the network settings of the problem PC to the network settings of a PC that’s working just fine
Always keep the network settings up-to-date to match other PCs on the network that are operating normally.
If a network change to DHCP was recently made and all you need to do is refresh the setting, you can issue ipconfig /release and then ipconfig /renew, and a new DHCP-issued IP address will be assigned.
Reimage/reload the OS
Certain situations may require you to reinstall software and the time it takes to reinstall a bunch of different software may take longer than just reimaging the PC again with the software preinstalled.
Reimaging the computer will depend on whether you use OS system images or load each computer by hand.
If your organization does use a standardized image for its computers, you can use the Windows Recovery Environment and select “Reset this PC” option.
Preinstalled images can be accessed by using the System Image Recovery option.
Roll back updates
Sometimes you will find that a Microsoft update or a 3rd party update will create problems for the OS.
When this does happen, it’s pretty easy to roll back any updates by uninstalling them.
To uninstall Microsoft updates: Settings app → Update & Security → View update history → Uninstall updates
To uninstall 3rd-party updates: Control Panel → Programs and Features applet → Uninstall updates
Always reboot after uninstalling an update.
Roll back device drivers
Whenever you’ve isolated a hardware problem to a faulty device driver, it is sometimes necessary to roll back the current driver to a previous version.
This action will cause you to roll back the driver to the original version detected by Windows, also called the out-of-the-box driver.
In most cases, this is just a generic driver and will still work, but it reduces driver functionality. Use this until a proper driver is installed.
Apply Updates
Occasionally, applying an update will fix a problem, mainly because that is what updates do: They fix problems.
Windows 10 automatically installs updates for the OS to keep you up-to-date and problem-free
Windows offers a free patch-management solution called WSUS (Windows Server Update Services) and SCCM (System Center Configuration Manager).
Updates must be approved, downloaded, and deployed if you’re using WSUS or SCCM.
Always make sure to have a plan to roll back from a bad update
Turning on system protection and system restore is a good idea before an update
If an update fails, you can simply use System Restore to restore the OS to a previous point in time.
Repair Application
If an application is crashing and acting erratically, it may be due to another application that has overwritten critical files used by said application, or the files may have become corrupted.
In either case, choosing to repair an application will validate that it is installed properly and the process will replace any missing critical files for the applications.
Repairing an application will
Fix missing files
Replace corrupted files
Fix application shortcuts
Repair registry entries
Update or reconfigure drivers
Update boot order
When you have more than one OS installed onto your computer, it is important to make sure the BIOS is properly configured to boot to the correct OS version.
The boot order can be modified using the system configuration (msconfig) tool and clicking on the boot tab or by going to the system properties on the advanced tab.
Disable windows services/applications
It’s tough to know what exactly is causing problems. One way to figure this out is to manually disable the services and apps you think are causing the trouble.
This may take some trial and error and a few reboots, but once you’ve identified the problem service at bootup, you can disable it in the System Configuration (msconfig) tool or the Services MMC.
Disable application startup
After you’ve identified that a particular program at startup is slowing down the login process, you need to disable the application to fix the performance issue.
Some apps start automatically at startup, so if they’re a problem, isolate the application and disable it.
This can be done in Task Manager.
Safe Boot
If Windows won’t load completely (It hangs or is otherwise corrupted) when you boot, you can often solve the problem by booting into Safe Mode.
Safe Mode is when you can load part of an OS by bypassing the settings, drivers, or parameters that may be causing it trouble during a normal bootup.
The goal of safe mode is to provide an interface with which you’re able to fix the problems that occur during a normal boot and then reboot in normal mode.
Accessing Safe Mode: Boot into Windows Recovery Environment by holding down the shift key upon bootup → select troubleshoot → advanced options → see more recovery options → startup settings → restart
If you can’t solve the problem with safe mode, try system restore instead.
Rebuild Windows Profiles