Published: November 03, 2005
When you install the Microsoft Windows XP Professional operating system, the Setup program creates folders on your system drive into which it places files that the system requires. Knowing the names and locations of essential system files can help you understand and troubleshoot your Windows XP Professional installation.
For information on how to obtain the Windows XP Professional Resource Kit in its entirety, please see http://www.microsoft.com/mspress/books/6795.asp.
Related Information
- For information about troubleshooting Startup and running Recovery Console, see Chapter 29, “Troubleshooting the Startup Process.”
- For information about general troubleshooting concepts and strategies, see Chapter 27, “Understanding Troubleshooting.”
System Files
The following files are core components of the Windows XP Professional operating system. If you install Windows XP Professional as an upgrade from Microsoft Windows 2000 or earlier, the files listed in Table A-1 are located in the Windows\System32 folder or in Winnt\System32.
Table A-1 Essential System Files
| File Name |
Description |
| Ntoskrnl.exe |
Executive and kernel. |
| Ntkrnlpa.exe |
Executive and kernel with support for Physical Address Extension (PAE), which allows addressing of more than 4 gigabytes (GB) of physical memory. |
| Hal.dll |
Hardware abstraction layer. |
| Win32k.sys |
Kernel-mode part of the Win32 subsystem. |
| Ntdll.dll |
Internal support functions and system service dispatch stubs to executive functions. |
| Kernel32.dll
Advapi32.dll
User32.dll
Gdi32.dll |
Core Win32 subsystem DLLs. |
Startup Files
The following files are essential to the startup process. All files listed in Table A-2 are located in the boot or root directory (for example, C:\) of your Windows XP Professional installation.
Table A-2 Essential Startup Files
| File Name |
Description |
| Ntldr |
Reads the Boot.ini file, presents the boot menu, and loads Ntoskrnl.exe, Bootvid.dll, Hal.dll, and boot-start device drivers. |
| Boot.ini |
Contains options for starting the version of Windows that Setup installs and any preexisting Windows installations. |
| Ntdetect.com |
After the boot selection is made, Ntldr loads and executes this 16-bit real-mode program to query the computer for basic device and configuration information. This information includes the following:
- The time and date information stored in the system’s CMOS (nonvolatile memory).
- The types of buses (for example, ISA, PCI, EISA, Micro Channel Architecture [MCA]) on the system and identifiers for devices attached to the buses.
- The number, size, and type of disk drives on the system.
- The types of mouse input devices connected to the system.
- The number and type of parallel ports configured on the system.
|
| Pagefile.sys |
Contains memory data that Windows is unable to fit into physical RAM. During Startup, the virtual memory manager moves data in and out of the paging file to optimize the amount of physical memory available to the operating system and applications. |
| Ntbootdd.sys |
If either the boot or system drives are SCSI-based, Ntldr loads this file and uses it instead of the boot-code functions for disk access. |
Folders on the Local Disk
Setup creates the following folders (shown in Table A-3) on your local disk by default when installing Windows XP Professional.
Note When Windows XP Professional is installed as an upgrade from Windows 2000 or earlier, Setup installs the operating system into the existing Winnt folder. A Windows folder is not created.
Table A-3 Default Local Disk Folders
| Folder Name |
Contents |
| Documents and Settings |
Account information for each user who is granted access on the computer. Each user account is represented by a subfolder assigned the user name and called the user profile. Folders under each user account folder include My Documents, Desktop, and Start Menu. |
| Program Files |
Installed applications, such as Microsoft Internet Explorer or Microsoft Office. |
| WINDOWS or WINNT |
Entire operating system. |
Windows Folder
The Windows folder and its subfolders contain the operating system files for your Windows XP Professional installation (as shown in Table A-4).
Table A-4 Windows Folder and Subfolders
| Folder Name |
Contents |
| WINDOWS or WINNT |
Miscellaneous operating system and application files (for example, Control.ini, Desktop.ini, Notepad.exe, and System.ini files) |
| Addins |
ActiveX controls (.ocx) files |
| AppPatch |
Application compatibility files |
| Config |
Musical Instrument Digital Interface (MIDI) instrument definition files |
| Connection Wizard |
Internet connection files that are used when a computer starts Windows for the first time |
| CSC |
Offline files that are used during client-side caching |
| Cursors |
Cursor and icon files |
| Debug |
Log files |
| Downloaded Program Files |
Downloaded program files |
| Driver Cache |
Uninstalled driver files |
| ehome |
Used by Windows Media Center Edition |
| Fonts |
All font files |
| Help |
Help files |
| Ime |
Language files |
| ime (x86) |
Language files for x86-based systems |
| inf |
Device driver INF files |
| Installer |
Cached Windows Installer (.MSI) files |
| Java |
Java files |
| Media |
Sound and music files (for example: *.wav and *.midi) |
| MS |
Installation folder for Microsoft Systems Management Server (SMS) client |
| Msagent |
Microsoft Agent files (Microsoft Agent is a set of programmable software services that support the presentation of interactive animated characters within the Microsoft Windows interface.) |
| Msapps |
Files that support backward compatibility in applications |
| Mui |
Multi-user interface files |
| Offline Web Pages |
Downloaded Web pages for offline reading |
| PCHEALTH |
Help and Support Center files |
| PeerNet |
MSSL 2.0 files |
| PIF |
Program information files (PIFs) for MS-DOS-based programs |
| Prefetch |
Data files related to enhancing the speed at which applications start |
| Provisioning |
Schemas for creating wireless profiles |
| Registration |
COM+ files. (COM+ files are enhancements to the Microsoft Component Object Model [COM].) |
| Repair |
Registry backup files (These files are updated if you use NTBackup and choose to back up system state files.) |
| Resources |
User interface files |
| SchCache |
Schema cache folder |
| Security |
Log files, templates for snap-ins, and security database files |
| Setupupd |
Dynamic Update storage location |
| SoftwareDistribution |
Used by Automatic Updates |
| Srchasst |
Search assistant files |
| System |
Backward-compatibility files related to the System folder (for example, applications that look for a System folder) |
| system32 |
Core operating system files (For more information, see “System32 Folder” later in this appendix.) |
| Tasks |
Scheduled Task files |
| Temp |
Temporary files |
| twain_32 |
Imaging files (for scanners) |
| Web |
Printer and wallpaper files |
| WinSxS |
Side by Side (shared components) |
System32 Folder
The System32 folder and its subfolders contain the core operating system files for your Windows XP Professional installation. Table A-5 describes the System32 files.
Table A-5 System32 Folder and Subfolders
| Folder Name |
Contents |
| system32 |
Essential system files (for example, Hal.dll and Ntoskrnl.exe files). |
| 1025, 1028, 1031, 1033, 1037, 1041, 1053, 2052, 3076 |
Localization (language) files for a specific language, corresponding to the number assigned to this folder. This folder remains empty unless Windows XP Professional is localized for this particular language. |
| CatRoot |
Catalog files and signature files. |
| CatRoot2 |
Catalog files and signature files. |
| Com |
Component Object Model (COM) objects. |
| Config |
Registry files and event logs. |
| Dhcp |
DHCP database files. |
| DirectX |
DirectX files. |
| Dllcache |
Windows File Protection backup files. |
| Drivers |
Installed drivers. |
| Export |
Encryption Pack installation files. |
| Group Policy |
Group Policy administrative templates and script files. |
| Ias |
Internet Authentication Service files. |
| Icsxml |
Universal Plug and Play files. |
| Ime |
Language files. |
| Inetsrv |
Internet Information Services files. |
| Macromed |
Macromedia files. |
| Microsoft |
Cryptography files. |
| MsDtc |
Microsoft Distributed Transaction Coordinator files. |
| Mui |
Multi-user interface files. |
| Npp |
Network Monitor and trace files. |
| NtmsData |
Removable Storage Manager (RSM) database. |
| Oobe |
Windows Welcome files. |
| Ras |
Remote access server encryption files. |
| RemoteStorage |
Remote Storage Service (RSS) database. |
| Restore |
Data files or System Restore–related files. |
| Rpcproxy |
RPC Proxy files (RPCProxy.dll). |
| Setup |
Optional component manager files. |
| ShellExt |
Shell extension components. |
| Smsmsgs |
SMS Site Component Manager files. |
| SoftwareDistribution |
Used by Automatic Updates (Windows XP Service Pack 2). |
| Spool |
Print spooling files. |
| Usmt |
User State Migration tool. |
| Wbem |
Web-based Enterprise Management data files. Windows Management Instrumentation (WMI) is the Microsoft implementation of WBEM. |
| Wins |
WINS database files. |
Extracting Files from the Operating System CD
It is usually recommended that you use Add or Remove Programs in Control Panel to install and uninstall components, applications, and support software from the Windows XP Professional operating system CD. If system files are missing or damaged, you can run Windows XP Professional Setup from the operating system CD and choose the option to repair your existing installation. In some cases, however, you might need to extract a system or startup file directly from the operating system CD.
Warning If you install incorrect versions of system or startup files or if you install files to incorrect locations, your system might not operate as expected or might not start. Use the method described in this section only if your product support representative indicates that it is necessary to manually retrieve a compressed file from your operating system CD.
The /i386 folder on your Windows XP Professional operating system CD contains system and startup files in compressed form. If you need to replace a file in your Windows XP Professional installation, you can use the copy or expand command in Recovery Console to extract the needed file from the operating system CD. Use the copy command unless you are extracting a file from a .cab file, such as Driver.cab. When extracting a file from a .cab file, use the expand command.
When you use Recovery Console to extract a compressed file from the operating system CD, you must use exact file names for the compressed and uncompressed files. Table A-6 illustrates compressed and uncompressed file names.
Table A-6 Compressed and Uncompressed File Names
| Compressed File Name |
Uncompressed File Name |
| Ntoskrnl.ex_ |
Ntoskrnl.exe |
| Hal.dl_ |
Hal.dll |
Using the Copy Command in Recovery Console
If a file is not within a .cab file, you can use the copy command in Recovery Console to extract the file from the operating system CD and place it on your local disk in a Windows XP Professional installation. When you use the copy command to extract a file to a destination on your local disk, the file is automatically uncompressed. For more information about running Recovery Console, including how to add it to your startup options, see Chapter 29, “Troubleshooting the Startup Process.”
Use the copy command with the following syntax:
copy source [destination]
Table A-7 describes the parameters that you can use with the copy command.
Table A-7 Parameters for the Copy Command
| Parameter |
Description |
| Source |
Specifies the file to be copied |
| Destination |
Specifies the directory and/or file name for the new file |
Source can be removable media, any directory within the System32 directory of the current Windows installation, the root of any drive, the local installation sources, or the Cmdcons folder. (The C:\Cmdcons folder is the Recovery Console installation folder.)
Destination can be any directory within the System32 directories of the current Windows installation, the root of any drive, the local installation sources, or the Cmdcons folder. If you do not specify a destination, the command defaults to the current directory. The copy command prompts you if the destination file already exists. The destination cannot be removable media.
The copy command does not support replaceable parameters (wildcards).
Using the Expand Command in Recovery Console
To extract a file from a .cab file on the operating system CD and place it on your local disk in a Windows XP Professional installation, start Recovery Console and use the expand command. When you use the expand command to extract a file to a destination on your local disk, the file is automatically uncompressed. For more information about running Recovery Console, including how to add it to your startup options, see Chapter 29, “Troubleshooting the Startup Process.”
Use the expand command with the following syntax:
expand source [/f:filespec][destination][/y][/d]
Tables A-8 describes the parameters that you can use with the expand command.
Tables A-8 Parameters for the Expand Command
| Parameter |
Description |
| source |
Specifies the file that you want to expand. Cannot include wildcards. |
| destination |
Specifies the directory for the new file; the default is the current directory. |
| /y |
Suppresses the overwrite prompt when you expand or extract files. |
| /f:filespec |
If the source contains more than one file, this parameter is required to identify the specific file or files that you want to expand. Can include wildcards. |
| /d |
Lists the files contained in the cabinet file without expanding it or extracting from it. |
- The destination can be any folder within the System32 folder of the current Windows installation, the root of any drive, the local installation sources, or the Cmdcons folder.
- The destination cannot be removable media.
- The destination file cannot be read-only. Use the Attrib command to remove the read-only attribute.
- If the destination file already exists, the expand command prompts you for confirmation to overwrite the file unless you include the /y parameter.
Additional Resources
The following resources contain additional information related to this appendix.
Related Information
- Chapter 27, “Understanding Troubleshooting.”
- Appendix C, “Tools for Troubleshooting.”
- Chapter 28, “Troubleshooting Disks and File Systems.”
- Chapter 29, “Troubleshooting the Startup Process.”
- Windows XP Professional Help and Support Center, for more information about running and troubleshooting Windows XP Professional. Search using the keywords troubleshooting and recovery console.
Important
