220-1102 Software Troubleshooting Study Guide for the CompTIA A+ Core Series Exam
When software is deficient, so is the system that uses it, and processes are slowed down, stopped, or threatened. To be skilled in software troubleshooting, you must be knowledgeable in all types of PC and mobile device software issues. These include things like operating system issues, malware use, and security threats. Of the questions on the CompTIA A+ 1102 test, 22% of them concern these types of concepts. Obviously, software troubleshooting requires a lot of thinking on your feet, so all the questions about this topic will begin with a scenario.
Windows OS Problems
Many organizations utilize Microsoft Windows™ as their operating system of choice. This means that, as a tech, you should be able to troubleshoot issues with the Windows OS and quickly identify common problems. Questions in this area will be scenario based.
It’s important to be able to recognize common symptoms in the Windows OS and quickly determine how to best resolve the issue. Let’s look at several common symptoms that we see when there is an issue with the Windows OS.
Blue Screen of Death (BSOD)
A blue screen, more commonly known as BSOD, is a proprietary crash screen on Windows OS. A BSOD that occurs during the initial boot sequence could be caused by bad hardware, drivers, and/or bad applications. Since a BSOD can be caused by many different things, technicians need to research the specific error message provided by the BSOD.
Sluggish or slow performance is one of the most commonly reported problems with the Windows OS and may be caused by a wide variety of issues. Troubleshooting should start by narrowing down the component that is most affected by the slowdown, such as the CPU, RAM, hard drive, network, or graphics. You should begin by launching the Task Manager, which will provide insight into the performance of the various components.
The boot-up process of a computer occurs when the hardware transfers control of the computer to the OS. A failure to boot occurs when the computer is unable to load the operating system. Troubleshooting begins by collecting as much information as possible. The Windows Recovery Environment provides this information as well as options to allow Windows to repair itself via the Startup Repair option.
Frequent shutdowns are most often caused by faulty hardware or faulty drivers, but they may also be caused by power settings. To begin troubleshooting, check the Event Viewer first to view the Kernel-Boot or Kernel-General logs. These logs will let you know if the OS is shutting down properly or due to a lack of power. If you suspect a hardware problem, the first step is to reinstall the drivers before swapping for known working components.
Services Not Starting
Services are the backbones of our computers. Sometimes, necessary services do not start when the computer loads. Services can be stopped, started, and restarted in the Services menu and can also be viewed from Task Manager. When a service associated with a specific application won’t start, it might be time to consider reinstalling it.
It is not uncommon for applications to crash on a computer, and there are many different causes for these crashes. When an application crashes, the user may see the application close unexpectedly or simply freeze. If the application freezes rather than closes when it crashes, it may be necessary to end the task in Task Manager.
Low Memory Warnings
RAM is where the OS stores the data it is currently using. If the RAM on a computer fills up, it will move some of the working data into the page or paging file. A low memory warning occurs when there is not enough room in the page file for RAM to move data to it. The available space in the page file can be configured to auto-allocate space by the Windows OS via the Control Panel.
USB Controller Resource Warnings
The USB controller provides power and a data path to connected devices. Most 2.0 ports can accommodate five concurrent loads of 100 mA, while 3.0 ports can accommodate six concurrent loads of 150 mA. If the connected device draws more power than the USB controller can handle, the USB controller resource warning will appear. The simplest way to address this problem is to relocate some USB-connected devices to other USB ports.
System instability can cause application crashes. The first step to take is to look for uninstalled updates or patches for the application or the OS. The Reliability Monitor is also a helpful tool that provides information on application crashes as well as the dates when updates and patches were installed. The Events Viewer in the Reliability Monitor provides information and insight into Microsoft-based applications.
No OS Found
The message “No OS found” is a specific type of failure to boot. No OS found occurs when the computer is unable to locate OS files. This can be either because the storage devices do not contain any OS files, or the boot configuration loader is pointing to the wrong partition.
Slow Profile Load
A profile that takes a long time to load can be a result of having too many applications load at startup. It could also be a result of insufficient hard drive space or memory.
Time drift occurs when the real-time clock (RTC) on the motherboard begins to shift, causing the computer to run either faster or slower. Time drift on an OS running on hypervisor experiences this issue more drastically due to the fact that the hypervisor has to emulate the RTC rather than be in direct communication with the motherboard. Time drift can cause authentication problems as well as invalidated certificates.
Common Troubleshooting Steps
In the above section, we discussed some of the common symptoms of computer issues. Below, let’s look at some common solutions to these problems.
The phrase “Have you tried rebooting it?” is a common joke among IT folks because this is typically the first question that is asked when a problem arises. However, it isn’t just a joke; many issues really can be solved with a simple reboot. Before diving into any more complicated troubleshooting, a reboot should always be one of the first steps in troubleshooting.
Services are related to both system functions and specific applications. If an application or program isn’t running as it should, the service should be restarted to see if that helps. Services can be restarted in the Computer Management MMC by selecting Services.
Crashing applications may occur when critical files of the application are overwritten or corrupted. The application can be accessed via the Start Menu by selecting Settings, then Apps, and then Apps and Features. Once the application is located, you can choose to repair or update the application and see if the problem is resolved. If the problem persists, the next step is to uninstall and reinstall a clean installation of the application.
Computers are built with a finite amount of resources. Adding additional resources, such as RAM, CPUs, GPUs, or SSDs, is scaling up hardware and may be required for efficient performance.
Applications and software specify minimum requirements for installation. While this is valuable information, always keep in mind that the resources needed to run the application are being used by more than one program.
System File Check
The System File Checker tool is used to scan files for integrity and replace critical files when an OS stops functioning properly. The System File Checker can be accessed through Command Prompt using
sfc.exe and can be tasked to evaluate all files or a specific file.
While the System File Checker only replaces files if they fail an integrity check, Repair Windows reinstalls all files from the source media regardless of integrity while maintaining applications and user files. A clean copy of Windows is needed for this process, typically contained on a flash drive or a mounted ISO file.
System Restore allows for the creation of a restore point. The restore point is a copy of the OS configuration at a specific point in time. Using a restore point allows the user to return the OS to a known working point in time. Windows 10 and 11 have the automatic system restore function disabled by default, so it must be turned on to use.
In some extreme cases, it may be easier to simply uninstall and reload the operating system. Windows has options so that files can be saved even when a refresh of the OS is needed.
Roll Back Updates
Although updates are meant to improve computers, sometimes they can corrupt files and cause issues. In these cases, it’s necessary to roll back the updates and take your computer to a previous state before the updates were installed.
Rebuild Windows Profiles
If there is only an issue with a specific Windows profile, it may not be necessary to rebuild the entire computer operating system; instead, rebuilding that user’s profile could do the trick. This is because profiles can become corrupted.
Personal Computer (PC) Security Issues
Some computer issues have to do with security. To address them, you should be able to spot the signs of particular problems and know the tools available to render a solution. Questions in this area will be scenario based.
While symptoms of PC security issues can be highly intricate and complicated, you will need to be familiar with some of the more common symptoms that may indicate a security-related problem.
Unable to Access the Network
The inability to access the network can be caused by various conditions, both security-related and not, such as a faulty NIC or improperly installed network software. Security-related inability to access the network can be caused by malware, which can redirect network settings or force the connection to go through a proxy that may attempt to steal data.
An OS infected with malware may produce a desktop alert that is designed to look like a legitimate OS alert. These alerts are typically designed to scare the user into taking action, such as calling a specified number. When the number is dialed, the threat actor may attempt to sell a product or garner information from the user.
False Antivirus Protection Alerts
One of the most common false alerts is designed to imitate antivirus protection. These alerts tell the end user that their system is at risk and immediate action should be taken. The main goal of such alerts is to sell a product or collect information from the user.
Altered System or Personal Files
Indicators of a security issue can also be evident in the files stored on the computer. Malware may rename or delete files as well as alter the permissions on a file, locking the user out. Common malware that can affect files includes the rootkit, which gains embedded privileged access to the OS, and ransomware, which holds files or the entire system hostage until a set amount is paid.
If an OS is infected with malware, the threat actor may move or rename files or replace the files with malicious files. Also, renaming a file or moving a file changes the path of the file. If the file is needed in the running of an application or program, changing the path of the file can render the program useless.
Unwanted OS Notifications
Unwanted notifications within the OS may also be a sign of malware infection. These OS notifications may attempt to coax the user into installing additional malicious programs, possibly in the form of a Trojan horse or a program hidden behind a legitimate program.
OS Update Failures
If an operating system won’t install updates, this could be a symptom of a virus. Malware can interfere with normal operating system updates.
Security issues can also be evident in a web browser. Since they are so frequently used, the web browser is the easiest avenue for a threat actor to infect a system.
While pop-ups occur for a variety of reasons, including some legitimate reasons, if you click on the wrong pop-up, it may expose you to malware. Pop-ups that occur randomly should be addressed with a malware cleaner.
If you are browsing the internet and receive a security alert that a site has an invalid certificate, that could indicate the site is malicious and should be avoided. However, it may simply be that the site has an incorrect PC clock setting, causing its site certificate date to differ from your PC’s date. If you do receive a certificate warning, it is best to take caution unless you know for certain the site is safe.
If you find your browser has been changed or the results of a search come from a third-party site, it is likely that your browser has been redirected by malware. An anti-malware cleaner may or may not address the issue. You may want to restore your system from a known good backup.
All Study Guides for the CompTIA A+ Core Series Exam are now available as downloadable PDFs