MVA Workshop: Troubleshooting Windows Systems with SysInternals Tools (40076A)
This workshop is intended for IT Professionals that provide Tier 2 support to users running Windows-based desktops and devices in small business environments to large enterprise organizations. In general, these enterprise and small business desktop support professionals focus on a broad range of technical issues related to Windows operating systems, devices, cloud services, applications, networking, and hardware support. These IT Professionals are responsible for the maintenance and support of desktops and devices, installing and testing line-of-business applications on these devices, and physically making changes to user devices or re-imaging devices as required.
The workshop is also designed for learners who prefer a compact and self-directed learning experience. The lab sessions will help learners gain an understanding of the features and capabilities of the key diagnostic tools in the Sysinternals suite.
Before attending this course, students must have:
- Have viewed the Utilizing Sysinternals Tools for IT Pros MVA video course. (The course can be accessed for free at http://go.microsoft.com/fwlink/?LinkID=519353&clcid=0x409)
- Familiarity with the basics of the Windows architecture
- Working experience and background knowledge of Windows 7 and Windows 8-based systems
- Interest in improving the performance of Windows-based devices and solving associated problems
After completing this workshop, students will be able to:
- Examine the benefits of the Sysinternals suite of tools.
- Describe the capabilities of the most commonly used tools in the Sysinternals suite.
- Use the Sysinternals tools to effectively troubleshoot Windows client performance issues.
Module 1: Introducing the Sysinternals Tools for Windows Client
This unit provides a brief introduction to the Sysinternals Suite of tools and allows students to download and configure the tools for use in subsequent labs.
Module 2: Understanding Windows Core Concepts
This unit covers basic Windows Internals concepts such as memory management and how threads and processes interact. Students use tools such as Process Explorer, Performance Manager, and Task Manager to explore the various data structures discussed in this unit.
Module 3: Exploring Process Explorer
This unit provides students with a closer look at Process Explorer. In the lab, students have the opportunity to work with Process Explorer to obtain information such as the program that has a particular file or folder open and the associated dynamic-link libraries (DLLs) that the processes have opened or loaded.
Module 4: Process Monitor
This unit introduces Process Monitor for performing real-time monitoring of the file system, registry, and process and thread activity. Students will learn how to use Process Monitor to help troubleshoot Windows devices and find related diagnostic information.
Module 5: PsTools
This unit introduces some of the commonly used PsTools command-line utilities that can be used to manage remote and local computers. In the lab, students will use PsTools to obtain information about system components, folder permissions, number of processors, and disk volumes. They will also use PsTools to terminate processes and to translate machine and user account names to their security identifiers (SIDs).
Module 6: Autoruns
This unit focuses on the enhanced Task Manager in Windows 8.1 and Autoruns, which is one of the Sysinternals tools. These tools help in identifying the apps and services that start automatically when a computer starts.