Course outline

MVA Workshop: Troubleshooting Windows Systems with SysInternals Tools

Categories: Guaranteed To Run™, Microsoft


Duration: 1 Day

In this one-day MVA Workshop, students will get hands-on practice diagnosing, analyzing, and troubleshooting systems with the Windows Sysinternals suite of tools. This workshop is designed to enhance and extend the learning from the Utilizing Sysinternals Tools for IT Pros Microsoft Virtual Academy (MVA) video series. In this workshop, students will explore the most commonly used tools from the Sysinternals suite, including Process Explorer, Process Monitor, PsTools, and Autoruns. As a requirement for the workshop, students are expected to view the MVA videos to prepare for participation in the workshop. In the workshop sessions, a facilitator will lead students through short presentations that review the MVA material, hands-on labs, and class discussions. The majority of the time is spent on hands-on practice and exploration of the tools.

After completing this workshop, students will be able to:

  • Examine the benefits of the Sysinternals suite of tools.
  • Describe the capabilities of the most commonly used tools in the Sysinternals suite.
  • Use the Sysinternals tools to effectively troubleshoot Windows client performance issues.

Before attending this course, students must have:

  • Familiarity with the basics of the Windows architecture
  • Working experience and background knowledge of Windows 7 and Windows 8-based systems
  • Interest in improving the performance of Windows-based devices and solving associated problems

This workshop is intended for IT Professionals that provide Tier 2 support to users running Windows-based desktops and devices in small business environments to large enterprise organizations. In general, these enterprise and small business desktop support professionals focus on a broad range of technical issues related to Windows operating systems, devices, cloud services, applications, networking, and hardware support. These IT Professionals are responsible for the maintenance and support of desktops and devices, installing and testing line-of-business applications on these devices, and physically making changes to user devices or re-imaging devices as required.

The workshop is also designed for learners who prefer a compact and self-directed learning experience. The lab sessions will help learners gain an understanding of the features and capabilities of the key diagnostic tools in the Sysinternals suite.

Module 1: Introducing the Sysinternals Tools for Windows Client

This unit provides a brief introduction to the Sysinternals Suite of tools and allows students to download and configure the tools for use in subsequent labs. 

Lab : Preparing for the Labs

After completing this unit, students will be able to:

  • Download, configure, and run the Sysinternals tools.
  • Disable the security warning.
  • Explore the Sysinternals tools that they will be using in this workshop.

Module 2: Understanding Windows Core Concepts

This unit covers basic Windows Internals concepts such as memory management and how threads and processes interact. Students use tools such as Process Explorer, Performance Monitor, and Task Manager to explore the various data structures discussed in this unit.

Lab : Making Visible the Invisible

After completing this unit, students will be able to:

  • Use Process Explorer v16.04 to view the relationship between the parent and child processes.
  • Use Performance Monitor v3.1 and Task Manager to examine processes.
  • Use Process Explorer to examine threads and context switching.

Module 3: Exploring Process Explorer

This unit provides students with a closer look at Process Explorer. In the lab, students have the opportunity to work with Process Explorer to obtain information such as the program that has a particular file or folder open and the associated dynamic-link libraries (DLLs) that the processes have opened or loaded.

Lab : Working with Process Explorer

After completing this unit, students will be able to:

  • Use Process Explorer v16.04 as the default program for viewing process information.
  • View DLLs and handles to open processes.
  • Map a system thread to a device driver.
  • View and adjust thread priorities.

Module 4: Process Monitor

This unit introduces Process Monitor for performing real-time monitoring of the file system, registry, and process and thread activity. Students will learn how to use Process Monitor to help troubleshoot Windows devices and find related diagnostic information.

Lab : Working with Process Monitor

After completing this unit, students will be able to:

  • Examine how the Windows operating system loader searches for dynamic-link libraries (DLLs).
  • Locate application registry settings.
  • Trace the startup of a process.
  • Trace how Internet Explorer uses Windows integrity mechanisms.
  • View software restriction policy (SRP) enforcement.

Module 5: PsTools

This unit introduces some of the commonly used PsTools command-line utilities that can be used to manage remote and local computers. In the lab, students will use PsTools to obtain information about system components, folder permissions, number of processors, and disk volumes. They will also use PsTools to terminate processes and to translate machine and user account names to their security identifiers (SIDs).

Lab : Working with PsTools

After completing this unit, students will be able to:

  • Find system information interactively across local or remote systems by using PsExec.
  • Obtain information about folder permissions by using AccessChk.
  • Obtain information about system components, number of processors, and disk volumes by using PsInfo.
  • Use PsKill to terminate a process.
  • Translate machine and user account names to their equivalent security identifiers (SIDs).

Module 6: Autoruns

This unit focuses on the enhanced Task Manager in Windows 8.1 and Autoruns, which is one of the Sysinternals tools. These tools help in identifying the apps and services that start automatically when a computer starts.

Lab : Managing Autostart Apps

After completing this unit, students will be able to:

  • Examine autostart processes.
  • Add an app to the autostart process.
  • Remove an app from the autostart process.
  • Use Autoruns to manage autostarts.

Feel free to contact us if you want to know the price and location of this course. A Digital Revolver representative will contact you shortly to help you with your inquiry.

  • Guaranteed to Run™. This ensures you will attend the instructor led class or live online class you want as scheduled without any disruptive cancellations*. You book the training you need, get back to focusing on your job and are sure your training requirements will be met saving time, money and ensuring peace of mind.