Problem Steps Recorder does not capture a video of the user performing actions. Instead, a screenshot is captured each time the user clicks on a screen item. The screenshots and user actions are saved in a report that can be e-mailed or saved to a shared storage location. The report is an .mht file that contains both text and the screenshots. To keep the report size small, it is compressed in a zip file.

It is important to remember that Problem Steps Recorder does not capture anything that is typed. If information being typed is important, the user needs to add a comment that includes the information being typed.

The System Information utility can export its findings to a text f le or it can be saved to a System Information file. System Information files use the extension .NFO and store data in a compressed binary format.

A System Information f le can be e-mailed to another technician and reviewed by opening the f le with the System Information utility. This is an eff cient way to summarize the details of the current software and hardware running on the computer. The System Information utility can also report critical observations such as what programs are started automatically and what hardware conf icts are present.

The Computer Manager is used by the following utilities:

• Task Scheduler: The Task Scheduler console is used to view the recent and current status of tasks that are started automatically. New tasks can be created and organized into a structured list called the Task Scheduler Library. The Task Scheduler Library includes a predef ned structure for Windows 7 operational tasks. In addition to the predef ned tasks, custom tasks can be created and organized for user-def ned categories or applications, such as tasks for trigger events in Event Viewer.

Read more about the Task Scheduler at:
http://windows.microsoft.com/en-US/windows7/schedule-a-task.

• Event Viewer: The Event Viewer utility is an MMC console snap-in used to browse and manage the records of system events and messages stored in system event logs. The Windows 7 version of Event Viewer has been rewritten to offer richer reporting than the version used with Windows XP or earlier versions of Windows. The Event Viewer is also available in the Administrative Tools as a stand-alone MMC console.



Each event log has its own properties.



Data in an event log can be filtered. An event log filter can be defined separately for each log. A filter can be edited in XML format by opening a log's filter and selecting the XML tab.



Custom view presents the same options as an individual filter, but multiple logs or sources can be selected.

A single event in the log can be highlighted in the upper-middle pane, and its details are displayed in the lower-middle pane.



Each event includes additional information that is not displayed on the General tab. The details of a single event can be copied to the Windows clipboard.



Read more about the Event Viewer at:
http://www.windows7update.com/Windows7-Event-Viewer.html.

Activity 12-1

• Shared Folders: The Shared Folders console identifies what folders are shared on the current computer, who is connected to those shared folders, and what files in those shared folders are open. For troubleshooting purposes, this can be useful to identify what resources are in use by users who may be connected remotely. If the computer is about to be restarted, this can identify who needs to be notified so that they can close their connections before the restart and avoid data file corruption for their open files. The shared folders' details can also be reviewed to see if the security settings or limits are correct. If they are incorrect, they can be modified from here.


• Local Users and Groups: The Local Users and Groups console identifies the users created on the local computer and the security groups those users belong to. For troubleshooting, this can be used to audit the groups and permission levels for a user account to see if the details match the user's expectations.


• Performance: The Performance console can be used to view real-time performance data or stored performance data from a log file. You can create Data Collector Sets to configure and schedule performance counter, event trace, and configuration data collection so that you can assess the results at a later date and view reports. Windows 7 has a new tool, called Resource Monitor, which allows you to view detailed real-time information about hardware resources (CPU, disk, network, and memory) and system resources (including handles and modules) in use by the operating system, services, and running applications. In addition, you can use Resource Monitor to stop processes, start and stop services, analyze process deadlocks, view thread wait chains, and identify processes locking files.


• Device Manager: The Device Manager console reports the status of the currently attached computer hardware. When troubleshooting odd computer behavior, this tool can be used to address the following questions:
• Are all expected hardware devices attached to the computer?
• Are any devices disabled? If this is the problem, the device can be enabled by clicking Enable Device on the device’s properties window.
• Are all devices working properly? Some listed devices may have an exclamation icon or question mark over the regular device icon to identify devices with issues. The Other devices category in Device Manager reports hardware devices that are not properly recognized by Windows 7. This can direct efforts to determine hardware that is broken, needs new drivers sourced, or is incompatible and must be replaced.


• Disk Management: Disk Management reports the disk configuration of the computer.
• Determine if all disks are present as expected
• Review if any disks are reporting degraded status
• Identify drive letter assignment
• Anticipate space issues for storing additional files


• Services: The Services console presents controls and reports the state of installed services that can be managed from this user interface. Services run as a process in the background within a session restricted from the user's own session for security isolation. The services do not directly communicate with the user because of this security separation, so this console is the preferred method to alter service behavior. The data that controls a service typically resides in the registry, but this data should not be modified directly from the registry.

The Services console presents a list of services on either the Extended or Standard tab. Both tabs list the same services, but the Extended tab provides a verbose description for some services. The displayed services can be sorted by column that include:

• Name - The name of the service
• Description - The description of what the service does
• Status - The operational state of the service: Starting, Started, Stopping, Stopped (blank)
• Startup type - How the service is started (Automatic Delayed Start, Automatic, Manual, Disabled)
• Log On As - The user or system account security level that the service runs as

The properties of a service can be modified by selecting a specific service in the Services console and selecting Properties.



A service operates as an application in its own secured session with the security credentials defined on the Log On tab of the service's properties.



Services that fail or crash may be configured to restart based on the settings found on the Recovery tab.



A service can be experiencing errors or issues due to the effect of other services it depends on that are having problems.



• WMI Control: Configures and controls the Windows Management Instrumentation (WMI) service. WMI allows management systems to interact with agent software running as part of the Windows 7 operating system. WMI is used for reporting and configuration of application and operating system data through WMI requests, which can be made locally or remotely. Network Management software can use WMI to gather information on the status of Windows 7, such as running processes or hardware configuration.

• Troubleshooting: Action Center contains categorized troubleshooters in the Troubleshooting area. Each troubleshooter is a wizard that can automatically identify and fix common problems. New and updated troubleshooters are obtained from the Windows Online Troubleshooting service



• Recovery: The Recovery option in Action Center is used to recover from system problems by restoring Windows 7 to a previous state. In most cases, you use System Restore for the first attempt at system recovery. If that doesn't resolve the problem, then you can use the Advanced recovery methods. The Advanced recovery methods are (1) Use a system image you created earlier to recover your computer and (2) Reinstall Windows. To reinstall Windows, you must have have the Windows 7 installation DVD.


• Reliability Monitor: When you choose View reliability history in the Maintenance area of Action Center, you open Reliability Monitor. Reliability Monitor is a tool that rates the system stability of Windows 7 and lets you monitor the events that contribute to system stability.

Activity 12-2