Letting Windows help you find possible problems

Adam Albright

Assuming you can at least get Vista (or other versions of Windows) to
boot yet things don't seem right, here are a few places to look that may
help you solve your problem.

A. Using System Tools

Click on the Start button, All Programs, then Accessories, System
Tools and finally System Information. You'll see a wealth of
information about your hardware, drivers, codecs and what, if anything,
is an issue to Windows in a simple-to-use tree format similar to
Windows Explorer. Click on a category in the left pane like
Components, then Storage and finally look under BOTH drives and disks
if you think you have a hard disk problem.

Looking under Hardware Resources/Conflicts often will show problems
with multiple devices sharing IRQs.

Click under Software Environment, then System Drivers and you gain a
wealth of information on which drivers are running, stopped, etc.

B. Control Panel

This area of Vista has changed quite a bit over past versions and at
times is more user friendly, yet some things are now buried. If you
go there, click on Classic View, then pick Administrative Tools.

Now select Event Viewer. Windows tries to log errors in three broad
categories: actual errors, warnings and just information. These may
help explain WHY Windows or one of your applications or devices got
hung up. Like with Device Manager, a red flag is serious and usually
something stopped working or is working as it should. Yellow means
something happened that shouldn't have but Windows likely was able to
recover at least partially.

For example I just looked in mine. The first error I see was caused by
my CD/DVD burner. Windows reported "The driver detected a controller
error on \Device\CdRom0". I remember it prevented the tray from
opening until I rebooted. Such "error log" events can be useful since
they show the date, time and likely source of problems. Not all, but
many.

A warning message in my error log said this:

"Windows detected your registry file is still in use by other
applications or services. The file will be unloaded now. The
applications or services that hold your registry file may not function
properly afterwards.

DETAIL -
1 user registry handles leaked from
\Registry\User\S-1-5-21-1645522239-884357618-839522115-1003:
Process 820 (\Device\HarddiskVolume1\Windows\System32\winlogon.exe)
has opened key
\REGISTRY\USER\S-1-5-21-1645522239-884357618-839522115-1003

Again I can tell by the timestamp this happened when I shut down for
the night. It took longer than usual, still managed to.

Something else you can try if you're having troubles booting or
booting seems to be taking longer than it should.

Advanced Tip:

Go to Start, then Control Panel, Administrative Tools, System Tools,
System Configuration and choose the boot tab. You will see a "boot
log" check box. Check it and restart computer and Vista will generate
a detailed human friendly log of all it did or TRIED to do during the
boot process as far as loading drivers. This can be a BIG file, but
looking at it line by line often will at least point to what's going
wrong. Once you solve the problem just turn this feature off again
from System Configuration and again reboot.

You will now have a log of all actions during boot.

Like many things in Vista, "seeing" the bootlog file has been made
somewhat harder.

Microsoft's default idea is to hide system files. This is done to
protect you the user from messing things up. So to easily find the log
file do the following:

Click on Start, then Search, Advanced. Under Location select Local
drive C. Under name type: ntbtlog. Now check include non-indexed,
hidden and system files, then click the search button. Now wait a few
minutes or so until the search is finished. If Windows made a log file
it should come up in this search if you entered 'ntbtlog'. Once
Search is finished you can click on the file name right from within
the search utility and view it in Notepad or any text viewer or just
print it out.

What you're looking at is a check list of what Windows did, in order, in
trying to boot the system last time. If you see a log file, Windows was at
least partially successful in booting, obviously. This file will
typically run hundreds of lines. You should see almost every line
begin with "loaded driver" followed by the name and location of the
driver as seen at the bottom of this post.

If Windows can't load a driver it will say "did not load driver" as
you see in the example below. That at least should give you a clue.

Partial sample log (ntbt) log file:

Loaded driver \SystemRoot\system32\DRIVERS\mrxsmb20.sys
Loaded driver \SystemRoot\System32\DRIVERS\srv2.sys
Loaded driver \SystemRoot\System32\DRIVERS\srv.sys
Did not load driver \SystemRoot\System32\DRIVERS\srv.sys
Loaded driver \SystemRoot\system32\DRIVERS\asyncmac.sys
Loaded driver \SystemRoot\system32\DRIVERS\parvdm.sys
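
The line-by-line reading described in the post above can be automated. The following is an added example, not part of the original post: it parses boot-log text, treats paths as case-insensitive, and separates drivers that never loaded from drivers such as srv.sys in the sample, which appear as both "Loaded" and "Did not load". The function names are hypothetical, and the encoding handling (UTF-16 with a byte-order mark, otherwise single-byte text) is an assumption about how the file is written.

```python
import re

# Constructed sample: the six boot-log lines quoted in the post above.
SAMPLE_LOG = r"""Loaded driver \SystemRoot\system32\DRIVERS\mrxsmb20.sys
Loaded driver \SystemRoot\System32\DRIVERS\srv2.sys
Loaded driver \SystemRoot\System32\DRIVERS\srv.sys
Did not load driver \SystemRoot\System32\DRIVERS\srv.sys
Loaded driver \SystemRoot\system32\DRIVERS\asyncmac.sys
Loaded driver \SystemRoot\system32\DRIVERS\parvdm.sys
"""

LINE_RE = re.compile(r"^(Loaded driver|Did not load driver)\s+(\S.*?)\s*$", re.I)


def read_boot_log(path):
    """Return the log text. Assumption: UTF-16 with a BOM, else single-byte text."""
    with open(path, "rb") as fh:
        raw = fh.read()
    if raw[:2] in (b"\xff\xfe", b"\xfe\xff"):
        return raw.decode("utf-16")
    return raw.decode("latin-1")


def summarize_boot_log(text):
    """Split drivers into loaded, never loaded, and failed-but-also-loaded."""
    first_seen = {}               # lower-cased path -> path as first written
    loaded, failed = set(), set()
    for line in text.splitlines():
        match = LINE_RE.match(line.strip())
        if not match:
            continue              # headers, blank lines, anything else
        status, path = match.group(1).lower(), match.group(2)
        key = path.lower()        # Windows paths are case-insensitive
        first_seen.setdefault(key, path)
        (loaded if status == "loaded driver" else failed).add(key)
    return {
        "loaded": len(loaded),
        "never_loaded": sorted(first_seen[k] for k in failed - loaded),
        "failed_but_also_loaded": sorted(first_seen[k] for k in failed & loaded),
    }


if __name__ == "__main__":
    for name, value in summarize_boot_log(SAMPLE_LOG).items():
        print(name, value)
```

To run it against a real log, pass the path of the file the search turned up to `read_boot_log` and feed the result to `summarize_boot_log`; the `never_loaded` list is the place to start looking.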
 
BobS

This one's a keeper....good post.

Bob S.


