Windows 9x Structure
Windows 95 and 98 are 32-bit operating systems. Windows 95 had 2 releases - The FAT16 original release and later OSR2 which utilized the FAT32 file system, added personal web server, Active Desktop and several other new features. Windows 98 had 2 releases as well - The original version and Windows 98 Second Edition(SE). Below is an outline of the boot process and the files involved.
1. POST - Hardware tests
2. Plug and Play Configuration -Windows 9x is a Plug and Play(PnP) operating system. In order for PnP to work, the BIOS, hardware and operating system must all be PnP compliant.
3. Master Boot Record - The MBR is located.
4. IO.SYS - This file loads drivers and executes CONFIG.SYS, MSDOS.SYS and COMMAND.COM
5. COMMAND.COM - Loads AUTOEXEC.BAT
6. Windows core files are loaded
o WIN.COM - This file begins the loading of Windows 9x system files.
o KERNEL32.DLL/KERNEL386.EXE - These files contain the core operating system and is responsible for loading device drivers.
o GDI.EXE/GDI32.EXE - These files are responsible for loading the basic GUI or graphical user interface.
o WIN.INI - Along with WINFILE.INI and SYSTEM.INI, these files provide backward compatibility with older 16-bit applications and are not required in order for 32-bit applications to run under Windows 9x. Most of the functions of these files are now stored in the registry files.
7. The startup folder is checked for applications to load on startup.
Windows 9x also replaces many of the DOS start-up files such as IO.SYS, MSDOS.SYS and COMMAND.COM with newer versions. Most of the functions of the CONFIG.SYS and AUTOEXEC.BAT files are now handled by the new IO.SYS file, although entries in CONFIG.SYS will take precedence over entries in the IO.SYS file.
Windows 9x supports long file names up to 255 characters. Duplicate filenames(8.3 format) are assigned for backward compatability(i.e. DOS). This is done by taking the 1st 6 characters of the filename adding a tilde and then a number. For example, VERYLONGFILENAME.EXE would become VERYLO~1.EXE.
Windows 9x Core Components
The Windows 9x family of operating systems are made up of 3 core components:
• Kernel - OS foundation that provides error handling, virtual memory management, task scheduling, and I/O services.
• User - Responsible for the user interface and handles input from hardware devices by interacting with device drivers.
• GDI - Responsible for what appears on the display and other graphics functions.
Windows 9x Registry
The registry is a hierarchical database that contains the system's configuration information. The registry is made up of 2 files that are located in the Windows directory:
• USER.DAT - Contains information about system users.
• SYSTEM.DAT - Contains information about hardware and system settings.
The registry can be accessed with the utility REGEDIT.EXE which allows you to edit and restore the registry settings. The Windows 95 registry is backed up everytime the machine is booted. The backup files are called USER.DA0 and SYSTEM.DA0. Windows 98 backs up SYSTEM.DAT, USER.DAT, SYSTEM.INI and WIN.INI as .CAB files that are stored in in the hidden Windows\Sysbackup directory.
Windows 9x Virtual Machines
Windows 9x utilizes preemptive multitasking for 32-bit applications and cooperative multitasking for older 16-bit operations. Some of these applications require complete control of the system's resources and will not run properly under Windows 9x so the Virtual Machine Manager creates a special environment for these application known as a virtual machine in which the applications can be given the resources that they need.
MSCONFIG - Windows 98 comes with a utility called MSCONFIG.EXE that provides an easy way to edit the config.sys, autoexec.bat, win.ini and system.ini files. This manager also provides the ability to back these files up, modify the start-up environment and configure advanced troubleshooting settings.
SYSEDIT - Provides very similar functionality as MSCONFIG and allows the 4 files plus PROTOCOL.INI to be edited. It also provides a search function and Works in Windows 95/NT/2000.
Windows NT/2000 Structure
Windows NT and 2000 are 32 bit operating systems that run in 2 different modes which are kernel(protected) and user. Applications use Application Program Interfaces(APIs) to pass threads between the 2 modes. User mode provides no direct access to the system's hardware. The subsystems of these operating systems are outlined below.
WIN32 -- This subsystem handles support for 32-bit windows applications and is also known as the Client/Server subsystem. This subsystem has the following features:
• 32-bit architecture
• Multiple execution threads are supported for each process
• Memory Protection - each Win32 application is separated and protected from other applications
• OpenGL - Support for 2D and 3D graphics cards
• 2GB nonsegmented address spaces are assigned to each application
• NT/2000 supports DOS applications via VDMs(Virtual DOS Machines). A VDM is a Win32 application that creates an environment where DOS applications can run. It does this by making the NT Workstation resemble a DOS environment and tricks the DOS applications into thinking that they have unrestricted access to the computer's hardware. NT can only support DOS applications that use VDDs(Virtual Device Drivers) to intercept the applications calls to the computer's hardware.
• NT/2000 also supports Win16 applications with the use of a DOS application called WOW(Windows on Windows). WOW runs within a VDM that runs as a 32-bit process. If a Win16 application crashes it will only corrupt the WOW, but will not affect the rest of the NT operating system.
In addition to the above, Windows 2000 also adds the Plug and Play Manager and the Power Management Manager
The boot files used by NT/2000 are completely different than Windows 9x and are listed below:
• BOOT.INI - Specifies boot defaults, operating system locations, settings and menu selections.
• BOOTSECT.DOS - A file located in the system partition that allows the option to boot into another operating system such as Win98 or DOS.
• NTDETECT.COM - Hardware detection program that is located on the root of the system partition.
• NTLDR - File that loads the operating system and is located on the root of the system partition.
• NTOSKRNL.EXE - The executable file.
• OSLOADER.EXE - This is the OS loader for RISC based systems.
• NTBOOTDD.SYS - File used when the system or boot partition is located on a SCSI drive and the BIOS is disabled.
The registry editors included with Windows NT/2000 include Regedt32 and Regedit. For Windows 2000, the Regedt32 tool should be used while Windows NT can use either. Most of the registry(the static items) are contained in hive files which are located in the \WINNT\SYSTEM32\CONFIG directory. The 5 hives are SAM, security, software, system and default.
In Windows 2000 most system administration tasks are performed in the Computer Management Console that contains all of the various Microsoft Management Consoles(MMCs) in one location. Windows 2000 filenames can be up to 215 characters long and cannot contain the following: <>\/?*"| and Windows 2000 supports PnP while NT does not.
File Systems
The following are common hard disk configurations.
• Partition - A partition is a portion of a physical hard disk. A partition can be primary or extended
• Primary Partition - This is a bootable partition. One primary partition can be made active.
• Extended Partition - An extended partition is made from the free space on a hard disk and can be broken down into smaller logical drives. There can only be one of these per hard disk.
• Logical Drive - These are a primary partition or portions of an extended partition that are assigned a drive letter.
• Volume - This is a disk or part of a disk that is combined with space from the same or another disk to create one larger volume. This volume can be formatted and assigned a drive letter like a logical drive, but can span more than one hard disk. A volume set can be extended without starting over, however to make it smaller, the set must be deleted and re-created.
There are various management tools that can be used to configure drives. The Disk Management MMC is a snap-in for the Computer Management Console in Windows 2000. You can create partitions, volume sets, logical drives, format disks, etc. NT 4.0 had a similar tool called the "Disk Administrator". DOS and Windows 9x utilize the FDISK utility.
When discussing Windows file systems you need to understand what File Allocation Tables(FAT) are. FAT is a table that an operating system maintains in order to map the clusters(the smallest unit of storage) that a file has been stored in. When files are written to a hard disk, the files are stored in one or more clusters that may be spread out all over the hard disk. The table allows Windows to find the "pieces" of your file and reassemble them when you wish to open it.
There are several different types of file systems that are explained below:
• FAT16 - FAT16 table entries are 16 bits in length limiting hard disk sizes to 2GB. Note that even if the OS supports larger partition sizes, the BIOS must also support logical block addressing(LBA) or the maximum partition that you will be able to create will be either 504 or 528 MB.
• FAT32 - Created to allow more efficient use of hard drive space and allowed for partitions up to 8GB using 4KB cluster sizes. In order to format a drive as FAT32, the "Large disk Support" must be enabled when starting FDISK. FAT32 is not compatible with older versions of Windows including Windows 95A and NT. In Windows 9.x, the CVT1.EXE can be used to convert FAT16 partitions to FAT32.
• NTFS4 - NTFS4 is the file system used by Windows NT that provides increased security and reliability over other file systems. On an NTFS partition, you can't boot from a DOS boot disk - this is one of the security features of NTFS. Additionally, a floppy disk cannot be formatted as NTFS. For this reason it might not be a bad idea to have a small partition formatted FAT so that you can boot into DOS for recovery purposes. In order to convert a FAT partition to NTFS, NT includes a utility called convert.exe.
• NTFS5 - This is the native file system for Windows 2000. NTFS5 has many new features as follows:
o Encrypted File System(EFS) - Windows 2000 NTFS volumes have the ability to encrypt data on the disk itself. Cipher.exe is a command line utility that allows for bulk or scripted file encryption.
o Disk Quotas - Provides the ability to set space limitations on users on a per volume basis.
o Defragmentation - Windows 2000 now includes a disk defragmenter that can be used on NTFS partitions.
o Volume Mount Points - Provides the ability to add new volumes to the file system without having to assign a drive letter to them. This feature is only available on an NTFS partition using dynamic volumes.
o Compression - In Windows 2000 files, folders and entire drives can be compressed by right clicking on the item to be compressed and selecting "properties" and then "advanced".
The convert.exe utility can be used to convert a FAT or FAT32 partition to NTFS.
• HPFS - Stands for High Performance File System and is used with OS/2 operating systems. This file system can only be accessed by Windows NT 3.51 and OS/2.
Windows 9x operating systems also employ VFAT which is a protected-mode FAT file system that prevents DOS and the BIOS from accessing resources. VFAT is the replacement for SMARTDRV.SYS and uses a driver called VCACHE.
Operating System Supported File Systems
DOS FAT16
Windows 3.x FAT16
Windows 95A FAT16
Windows 95 OSR2 FAT16, FAT32
Windows 98 FAT16, FAT32
Windows 98SE FAT16, FAT32
Windows NT 4 FAT16, NTFS
Windows 2000 FAT16, FAT32, NTFS
In addition to the disk administration utilities previously mentioned, information about a drive can be displayed by right clicking the drive in My Computer or Windows Explorer & select Properties
Here you can view the amount of used and freespace on the drive, the capacity and the file system. The tools tab provides access to defragmentation, scandisk and backup utilities in Windows 98. Windows NT/2000 contain these items as well as a few additional. The 3rd tab is for sharing the drive and setting permissions on it so that it can be accessed across the network.
Backing up drives allows you to recover your data or even the entire system if a catastrophe occurs. There are several different types of backup:
• Full - copies all files and marks them as being backed up.
• Incremental - copies only files created/changed since last full backup and marks them as being backed up.
• Differential - copies only files created/changed since last full backup and doesn’t mark them as being backed up.
• Daily - copies only files created/changed today and doesn’t mark them as being backed up.
In DOS backups can be run with the BACKUP command. There are several switches that can be added to the command.
• /S - Forces all files and subdirectories to be backed up.
• /M - Only modified files are backed up.
• /D - Backs up files modified after a specific date.
• /T - Backs up files modified after a specific time.
The Windows 98 backup utility can be accessed via Start>Programs>Accessories>System Tools>Backup and also via right clicking on a drive in My Computer and selecting the tools tab as previously mentioned.
There are several different hard drive utilities that can be found in the various versions of Windows that are listed below:
• CHKDSK - This utility is run from a DOS prompt and recovers lost allocation units on a drive that can occur when an application or the system are ended unexpectedly. The /F switch converts the lost units into a format such that the units can be viewed and deleted. Can be found in all versions of windows.
• SCANDISK - The ScanDisk utility inspects the hard drive for errors and corrects them. Scandisk is available in DOS 6.x and Windows 9x.
• DEFRAG - Reorganizes data on the disk for optimal disk performance. In DOS this utility was run from a DOS prompt. In Windows 9x and 2000 this utility can still be run from a prompt or can be accessed at Start>Programs>Accessories>System Tools>Disk Defragementer. Windows NT did not come with a defragmentation utility.
• DRIVESPACE - This utility for windows 9x offers many of the same features as NT's disk administrator including compression, formatting and drive information.
Installations and Upgrades
All new Windows installations start with using FDISK(or 3rd party utility) to partition the drive followed by a reboot and then the formatting of the drive.
Windows 98 New Installation
In order to install Windows 9x the following minimum hardware requirements must be met. The system must be at lease a 486DX, 66MHz processor or higher, 16 MB RAM, VGA Video adapter and display, 225 MB free FAT16 hard disk space or 175 MB free FAT32 hard disk space.
Unlike Windows 95, Windows 98 does not have to be installed over another operating system such as DOS and does not require access to a FAT16 partition.
The typical method for installing Windows 98 is to boot the computer from the installation CDROM. This requires that the system's CDROM drive is bootable and that the BIOS is configured for this. First Scandisk will be run and if no errors are found, the GUI portion of the setup process will begin which includes the following stages:
1. Preparing to Run Windows 98 Setup
2. Collecting Information About Your Computer
3. Copying Windows 98 Files to Your Computer
4. Restarting Your Computer
5. Setting Up Hardware and finalizing Settings
6. Restart
Upgrade from Windows 3.x to Windows 95
This upgrade is performed by running Setup.exe located on the installation CDROM. When you upgrade from Windows 3.x to Windows 95, you'll find that settings in protocol.ini, system.ini, and win.ini are used to create the Windows 95 Registry. These files and any files with the .GRP extension are saved for backward compatibility.
Upgrade from Windows 95 to Windows 98
This is typically the easiest upgrade and involves loading the Windows 98 CDROM and executing setup.exe. This will lauch the setup program that will go through the same stages as for a clean install, however, any usable information that is available from Windows 95 will be used during the upgrade. Note that CMOS antivirus software can cause an upgrade to fail during the 1st stage of the installation process. Information about failures can be found in the SETUPLOG.TXT file. If Windows 98 is installed to a directory other than the Windows directory, all previously installed applications will have to be reinstalled.
Windows 2000 New Installation
For Windows 2000 Professional, the hardware requirements are:
• 133 MHz or higher Pentium-compatible processor
• 32MB of RAM minimum(64MB recommended; 4GB maximum)
• 2GB hard drive with a minimum of 650 MB of free space(Additional free hard disk space is required if you are installing over a network).
• Windows 2000 Professional supports up to 2 processors.
For Windows 2000 Server the hardware requirements are:
• 133 MHz+ Pentium-compatible CPU.
• 128 MB of RAM minimum (256 MB recommended; 4 GB maximum).
• 2 GB hard disk with a minimum of 1.0 GB free space. (Additional free hard disk space is required if you are installing over a network.)
• Windows 2000 Server supports up to four CPUs.
Before beginning any installation, you should check the Hardware Compatibility List(HCL) at Microsoft's website to make sure that your components are supported. If you have items that do not appear on the list, you should contact the manufacturer to see if they have updated drivers.
If you have a computer that will boot from the CD, then this is probably the way to go, otherwise you will be creating 4 setup disks using the makeboot.exe utility on the installation CDROM. Just like the NT 4.0 installation, we will start with the text based portion of the setup. You will be presented with an option to press enter to install Windows 2000. After you press enter you will read the license agreement and press F8 to accept. You will now be presented with a list of all of the disks and partitions that are on the system. Like NT 4 installation, you will have the option to create a new partition or select an existing one to install onto. Press C and you will arrive at the option to select NTFS, FAT or leave it the way it is. Files will be copied to your disk. After a reboot, the GUI based portion of setup will begin.
Windows 2000 is Plug and Play. The first portion of the GUI setup will detect your hardware and install drivers for it. Next you will have the option to select the locale for the computer. Then you will enter your name and orginization followed by the license key. After you click next you will be prompted for the licensing mode and will have the option of per seat or per server. Next, you will enter the computer's name and an Administrative password. Now you will see a list of services that you can choose to install. This will obviously vary depending on which services you will need to use on your network. Now you will be prompted to enter the date and time zone. The services that you selected in the previous step will now be installed. Now you will have the option to select whether you want typical network settings or want to specify custom settings and configure them accordingly. Now the install will finish and the machine will be rebooted.
Listed below are the possible upgrade paths: (There is no direct upgrade path from Windows 3.x )
Current OS: Upgrade to:
Windows 95 Windows 2000 Professional
Windows 98 Windows 2000 Professional
Windows NT Workstation Windows 2000 Professional
Windows NT Server Windows 2000 Server
Dual Booting Windows 9x and Windows 2000
Note that Windows 9x is incompatible with drives/partitions formatted with NTFS and will not recognize them. The following information assumes that Windows 9x is already installed on the system. When you insert the Windows 2000 CD-ROM, you should be prompted that the CD contains a newer version of Windows and will ask if you would like to upgrade the existing OS or install a new copy. You will want to select new copy or else the existing operating system will be overwritten. The installation program will begin copying files to the hard drive and will then need to be rebooted.
Next, your drives and partitions will be displayed and will be prompted to select a partition to install Windows 2000 onto. If you select the same partition as the one that Windows 9x is installed on, make sure that you select the option to keep the existing file system intact instead of formatting it, otherwise you will lose the Windows 9x OS. If you choose to install the operating systems onto different partitions, make sure that the Windows 2000 is not NTFS if you wish to be able to access that partition from Windows 9x. Furthermore, make sure that the boot partition is not formatted with NTFS or else you will not be able to boot into Windows 9x.
Boot Environment
This section will contain facts that you will need to know about booting the various operating systems. The boot files for the various operating systems has been covered already in Domain 1.0.
When booting DOS, there are a couple of boot options that can be used to modify the boot process:
• F5 or Left SHIFT - This will bypass the CONFIG.SYS and AUTOEXEC.BAT files.
• F8 - Processes CONFIG.SYS and AUTOEXEC.BAT one step at a time with confirmation required between steps.
For Windows 9x
• F8 or Left CTRL - Displays the Windows startup menu for Windows 9x that contains boot options such as Safe Mode. Safe Mode is a startup mode in which minimal drivers(mouse, keyboard and VGA display) are loaded and is used to troubleshoot boot and display problems.
• F5 - Boots directly into Safe Mode.
For Windows NT
• VGA Mode - The BOOT.INI file is responsible for the Windows NT/2000 startup screen that lists the operating systems available to boot into and VGA mode. VGA mode will only load standard VGA display drivers and is used for correcting a situation when a driver conflict occurs that prevents normal boot.
• Last Known Good Configuration - This option is presented 2nd and if the space bar is pressed, the system will load system configuration information from the last successful boot. This option is used for fixing problem that arise after installing a new device driver.
For Windows 2000
• F8 - Brings up the Windows 2000 Advanced Options menu which contains several choices as follows: Safe Mode, Safe Mode with Networking, Safe Mode with Command Prompt, Enable Boot Logging, Enable VGA Mode, Last Known Good Configuration, Directory Services Restore Mode and Debugging Mode.
Creating Boot Disks
DOS boot disks are created by using the command format a: /s. You should also copy SYS, EDIT, CHKDSK, FORMAT and FDISK onto the floppy.
In Windows 9X, you have the option to create a startup disk when installing the system. If the system is already installed and you need to create Windows 95 start disk, open the "Add/Remove Programs" control panel, select the "Startup Disk" tab and clickon "Create Disk". This disk will include ATTRIB.EXE, COMMAND.COM, SYS.COM, FDISK.EXE, FORMAT.COM, EDIT.COM, SCANDISK.EXE, IO.SYS, MSDOS.SYS and REGEDIT.EXE. Windows 98 startup disks are made in the same manner and include all of the above files and also OAKCDROM.SYS(CDROM driver) and EXTRACT.EXE(for uncompressing CAB files).
Windows NT boot disks can be made from the installation CD using the WINNT.EXE /OX command. For windows 2000, this can be accomplished by using the MAKEBOOT.EXE utility. Windows NT/2000 also utilize an Emergency Repair Disk which is used to repair the user account database(SAM) and the registry in case of a failure. In NT this can be created during installation or by using the RDISK utility. In Windows 2000 this can be done during installation or by using the backup utility.
Log Files
Windows 9x log files are:
• BOOTLOG.TXT - This file is created during the first boot after setup. The creation of a new BOOTLOG.TXT can be done by hitting F8 at startup and choosing "Logged" mode. The previous copy of BOOTLOG.TXT will be renamed to BOOTLOG.PRV. This log shows the boot process steps and whether they were successful or failed.
• DETLOG.TXT - This log shows the steps performed in detecting the system's hardware and is created anytime that hardware detection occurs such as during installation and when adding new hardware components.
• SETUPLOG.TXT - This file is created during installation of Windows 9x and records all the options chosen during setup.
Troubleshooting
Windows Issues
This section will discuss some of the more common Windows errors and how to resolve them:
• Windows Protection Errors - This typically is caused by the type or speed of the RAM installed in the system.
• Bad or Missing COMMAND.COM - This means that the OS is unable to locate the file COMMAND.COM. To fix this problem use the make sure that the necessary boot files are located on the hard drive. If not, boot with the startup disk and enter the command SYS C:\ which will copy the system files to the hard drive(Windows 9x only).
• HIMEM.SYS not loaded - Check the CONFIG.SYS file and make sure that the line Device=C:\HIMEM.SYS exists and that the path specified to the file is where the file actually is.
• Error in CONFIG.SYS line XX - This error is usually caused by a syntax error in the CONFIG.SYS or AUTOEXEC.BAT file where XX will be the line number that the error occurred.
• Operating system not found - A common cause of this error is booting a system with a non-bootable floppy in the floppy drive. It can also be caused by missing boot files. To correct this, boot with the startup disk and enter the command SYS C:\ which will copy the system files to the hard drive(Windows 9x only).
• General Protection Faults(GPF) - Can be caused by software or hardware. GPFs can be caused by damaged core files which may need to be replaced or by a corrupt registry which can be restored from backup. They can be caused by running an application that is not designed for the operating system you are using. The Dr Watson utility will write information about these errors to DRWATSON.LOG which can be viewed for more information.
• Illegal Operation - Usually caused when 2 or more application attempt to use the same memory space. Incorrectly installed applications and software bugs. Try reinstalling the application and if the errors persist, check with the software vendor for patches/updates to the software.
• System locks up - Typically, this is caused by an application that is hung and can be corrected by ending the task. To end a task press CTRL + ALT + DEL and find the application that is not responding. ALT + F4 can also be used to close active windows. In Windows NT/2000 the CTRL + ALT + DEL or CTRL + SHIFT + ESC keys can be used to access Task Manager.
• Application will not start - Make sure that the file that is executed has a .EXE, .BAT or .COM extension. If attempting to run the application from a shortcut, make sure in the shortcut properties that the path to the application is correct.
Printing Issues
• Print Spooler is stalled - Go to the spool folder which is located in C:\Path to system files\spool\printers directory and delete all files in this location and resend any incompleted print jobs.
• Incorrect print drivers - Having an incorrect driver can cause any number of problems from pages coming out as garbled ASCII text to not having access to the full range of features available for that printer. Drivers can be updated by going to the Printers control panel, right clicking on the printer and select properties.
• Out of memory - Print jobs have to be spooled to hard disk space. If there is not enough hard disk space available this error will occur. Try freeing up hard drive space or move the spool folder to a drive with more free space.
Other Troubleshooting Tools
Throughout this guide we have discussed many of the Windows troubleshooting tools. Below is a list of the ones that haven't been covered yet.
• MSINFO - Used to view installed devices and drivers. - Windows 9x
• HWINFO - The Hardware Diagnostic Utility is located in C:\Windows\HwInfo.exe and there aren't any shortcuts to it by default. In order to run this utility you need to append a /UI switch. This "tool" was run during your initial install of Win98 and created a record of various hardware settings, drivers, file sizes & dates, memory ranges, resource allocation, etc. - Windows 98 only
• Dr Watson - Will generate an error log when certain types of errors occur. This information can be accessed by typing drwatson in the run dialog box. - Windows 3.x/9x/NT/2000
• ASD.EXE - Automatic Skip Driver Agent identifies devices that can cause Windows 98 or Windows Me to stop responding (hang) when you start your computer, and then disables them so that they are bypassed when you next restart your computer.
• Maintenance Wizard(TUNEUP.EXE) - Allows you to schedule maintenance utilities such as defrag and scandisk. - Windows 98
• Signature Verification Tool - Microsoft "Signs" drivers which means that they are approved to work on a particular operating system. This tool checks files and informs you whether or not they have been signed by Microsoft. - Windows 98
• Event Viewer - This tool is a log of system, application and security events(successes and failures). Can be used to obtain more information about system and application errors. - NT/2000
• SCANDISK - The ScanDisk utility inspects the hard drive for errors and corrects them. The standard test will inspect files and folders while the advanced test will also checks the disks physical surface. ScanDisk is run automatically on startup when the system detects that the system was not shut down properly. Scandisk is available in DOS 6.x and Windows 9x.
Viruses
There are several different categories of viruses as follows:
• File infector viruses - File infector viruses infect executable program files such as .com and .exe files. The can infect other files when an infected program is run from floppy, hard drive, or from the network.
• Boot sector viruses - Boot sector viruses infect the system area of a disk known as the boot record.
• Master boot record viruses - Master boot record viruses are memory resident viruses that infect disks in the same manner as boot sector viruses. The difference between these two virus types is where the viral code is located. These can often be fixed by using FDISK /MBR.
• Multi-partite viruses - Infect both boot records and program files.
• Macro viruses: These types of viruses infect data files and are the most common. With the advent of Visual Basic in Microsoft's Office 97, a macro virus can be written that not only infects data files, but also can infect other files as well.
There are 2 other types of attacks that are common via the use of Trojans and Worms as described below:
• Trojan Horse - These are files that claim to be something desirable but are destructive and cause loss or theft of data. Trojans are different from viruses as they do not replicate themselves like viruses do.
• Worms - These are programs that replicate themselves from system to system without the use of a host file.
Most viruses are spread via email and the internet, but can also be spread via removable media(i.e. floppies) or across a network. Anti-virus software should be used to protect against virus threats and "clean" files when a computer does become infected.
Networking
The function of a network is to share resources between computers. In order for this to happen the computers must be able to "talk" to each other which is accomplished with the use of protocols which are essentially a set of "rules" that govern communication over a network. Computers must be configured with a common protocol in order to be able to communicate. Below are some of the most common protocols:
• IPX/SPX - The fastest routable protocol and is used on Novell Netware networks.
• TCP/IP - TCP/IP is the most largely used protocol as it is the foundation for communication over the internet.
• NETBEUI - The NetBios Extended User Interface is a non-routable protocol that establishes connections between computers with the use of NetBIOS.
• HTTP - Stands for Hypertext Transfer Protocol and is the set of rules for exchanging files and multimedia on the internet. HTTPS denotes that it is a secure connection.
• SMTP - Stands for Simple Mail Transfer Protocol and is used to reliably send mail over the Internet.
• POP3 - This is the Post Office Protocol and is used for the receiving of email.
Most networks are governed by a network operating system(NOS) such as NT or Windows 2000 Server. The servers are responsible for providing and denying access to resources with the use of shares, rights and permissions for the various users. In order for a resource to be accessed across a network, it must be shared first. There are a couple of different ways to create shares in Windows.
Computers are given unique names to help identify them on the network. In Windows 9x the computer name can be up to 15 characters long and cannot use spaces. In Windows 2000, the name can be up to 63 characters and should only contain letters, numbers and hyphens.
Name Servers
Name servers such as WINS and DNS are used to make finding resources on large network easier without having to memorize IP addresses. They provide a more "friendly" way of locating things.
WINS is used to register NetBIOS names and resolve them to IP addesses for both local and remote hosts. If a WINS server is configured, then name resolution requests are sent directly to it and in turn the WINS server will send the IP address to the requesting client.
The internet used to use a hosts file to resolve IP addresses to host names or domain names. The internet grew to the point where the administration and the traffic needed to maintain this file became unbearable and DNS was born. The way DNS works is very similar to calling information. You call them with a name, they check their database and give you the phone number. Nameservers are distributed into tiers called domains.
TCP/IP Utilities
• Telnet - Provides a virtual terminal or remote login across the network. The remote server must be running a Telnet service for clients to connect.
• Tracert - By sending out ICMP packets, it determines the path taken by a data packet to reach it’s destination and can help determine at what point a network connection is now longer active.
• WINIPCFG - Displays current TCP/IP configurations on the local workstation for Windows 9x computers.
• IPCONFIG - IPCONFIG displays the TCP/IP configuration on the Windows NT computers. The /all switch will display more in depth configuration information. The /release and /renew options can be used to update DHCP settings.
• FTP - Used for transferring data across a network from a server to a client.
• PING - Uses ICMP to verify a connection to a remote host by sending echo requests and "listening" for replies.
• FTP - Stands for File Transfer Protocol and is a method of transferring files between 2 machines.
• NSLOOKUP - This utility is used to enter a host name and find out the corresponding IP address and is often used for troubleshooting DNS problems. Reverse lookups can also be performed.
Internet
The internet is essentially many networks connected together. Users then connect to the internet using either dial-up networking or newer digital technologies. In either case, these services are provided by an Internet Service Provider(ISP). The ISP also will assign your computer a unique IP address and provide email and Newsgroup services.
• Root Level Domains - The top of the tree.
• Top Level Domains - These are divided into different categories. Com, net, mil, edu, org and gov are the most common.
• Second Level Domains - These domains make up the rest of networks as all sub-domains are categorized under this heading. So if you visit Intel's site, you are visiting the sub-domain intel.com. Within intel.com many other sub-domains may also exist.
• Hosts - Hosts are the final level in the hierarchy as they are the individual computers that occupy or comprise a domain and are where the web pages are located.
IP addresses are resolved to domain names using DNS as previously discussed.
Windows NT and Windows 9x Dual Boot Setup
Many people have an interest in setting up their computers to be able to boot either Windows 95 (or Windows 98) or Windows NT. Here's the easiest way to do that, and what to watch out for. The information below is for adding Windows NT to a system that already has Windows 95/98. I have a separate page with information on adding dual-boot to a system that already has Windows NT installed.
First, keep the following points in mind:
1. NT cannot be installed on any drives that are formatted as FAT32, nor can it currently view any data on such drives.
2. Windows 95/98 cannot view any data on drives formatted at NTFS
So, if you want to run dual-boot and have either operating system see all the drives on the system, you must keep them formatted as pure FAT (also called FAT16).
Steps for setting up dual-boot:
1. Install Windows 95 or Windows 98. If you already have Windows 9x installed, don't bother reinstalling unless you need to reformat your drives because of the above warnings.
2. Put in the Windows NT CD-ROM. It should auto-run and bring up a window with a button to "Install Windows NT". If not, go into the /i386 folder and run winnt.exe.
3. NT will start to install, copying tons of files to the disk, then will require a reboot.
4. In the second phase of the installation, NT will display your drives and partitions. It will ask which partition you want NT installed upon. Select any of the partitions that are FAT (you can even select the one that Windows 9x is on). When prompted whether you want that partition reformatted, be sure to select that you want to keep the existing file system intact! NT will install to /winnt, not to /windows, so it won't overlay Windows 9x.
5. Installation will continue, with numerous reboots. NT will automatically set up a dual-boot menu.
Once completed, upon booting the system you'll see a menu that has three entries similar to this:
Windows NT Workstation Version 4.00
Windows NT Workstation Version 4.00 (VGA Mode)
Microsoft Windows
A countdown timer will start, and automatically boot into the first option in 30 seconds unless a key is pressed. Select the option you want and press enter. "Microsoft Windows" will boot your previously-installed Windows 95. "VGA Mode" for Windows NT is much like Windows 9x's "Safe Mode".
To change which option is booted by default, boot into Windows NT, right-click on My Computer and select Properties. One of the tabs is "Startup/Shutdown". From that tab you can select which item is booted by default, and how long the default countdown time is set at.
Other Notes about Dual-Booting
• NT needs the active partition (the one your computer is going to start things from, usually the C: drive) to be FAT. Thus, if you have two partitions, a C: and D: drive, and make the C: one FAT32 and install Windows 98, then try to do dual-boot with NT, it won't work (because NT needs to put some initial startup files on C:, and it can't deal with FAT32).
• If you have multiple hard drives, you can set up dual-boot so that one operating system is on one drive, and the other on the second hard drive. They are really just seen as different partitions.
Removing NT/2000 from a Dual Boot Setup
So, you've set your system up to do dual-booting Windows NT 4.0 with Windows 9x, or for dual-booting Windows 2000 with Windows 9x. But now you've changed your mind; you want your system to just run Windows 9x, and want to remove both the Windows NT/2000 files and want that bootup menu to go away.
Here's how to do that! It's quite easy, but as with any changes that affect how your operating systems works, be sure to do a backup first.
This procedure is known to work with:
• Windows NT 3.51/4.0
• Windows 2000
• Windows 95 (all flavors)
• Windows 98 and 98 Second Edition
It has not been tested with the upcoming Windows Millennium, but most likely will work with it as well.
Steps to Remove Windows NT/2000 from your Dual-Boot System:
1. Make sure you have a Windows 95 or 98 Startup Diskette. If not, create one from Control Panel/Add Remove Programs/Startup Disk tab.
2. Boot your computer with that diskette. You'll end up at a DOS prompt.
3. At the A: prompt, type the following: sys c: and press Enter. After a few seconds you'll see a message stating "System Transferred".
4. Remove the diskette and boot the computer. You should not see the boot menu, but boot directly into Windows 9x.
5. Now, you can remove the Windows NT/2000 files. Assuming you have installed in default folders, you can delete the following (adjust drive letters for your configuration):
c:\winnt
The following from c:\, which are all hidden files:
ntldr
ntdetect.com
boot.ini
pagefile.sys
bootsect.dos
That's it, you're done!
