Since 2004 I have worked at Microsoft – starting as a Support Specialist in the Networking team at CSS (Customer Service & Support) and then in late 2005 moving to the “Core” (Windows) support team, where my role today is a Senior Support Escalation Engineer.

Terminal Services (including the new “RemoteApp” technology), Hyper-V and user-mode debugging are the areas in which I typically spend my time at work.

I have delivered a few workshops in Sweden on “Windows Performance & Troubleshooting” to give people an insight into how Windows components (and we at Microsoft) “tick”.


One of my pastimes is to lurk in forums related to technical (typically networking or Windows) problems, as I find this a great way to get a view of the "real world" application of our technologies and the problems that people commonly run into (not just those I speak with on a daily basis because they pay for a Premier support contract).

I discovered there is a huge amount of FUD and a lot of misconceptions about Windows out there, so I have tried to redress the balance and educate where possible in my spare time.

The aim of this blog is to address some of the misconceptions and to give an insight into how we troubleshoot certain types of issues across different platforms (the tools and methods evolve along with the operating system, so what is true today can be of no use tomorrow).


For those interested in delving deep into the guts of the Windows operating system (way beyond simply calling APIs), the reference and training book of choice for us is Windows Internals - currently in its 4th edition and covering up to Windows Server 2003, but the 5th edition is in development and will cover Windows Vista.
* UPDATE * The 5th edition is now published (June 2009)!

Some of the main components may be covered in "overview form" in this blog.


For those interested in debugging or analyzing memory dumps, I would recommend a good understanding of assembly language, big-endian vs little-endian data storage, synchronization primitives (mutexes, semaphores, critical sections), linked lists, fragmentation, unicode, etc. before expecting to be able to wield a debugger with much in the way of useful results.

Some future posts in this blog may give a post-mortem debug breakdown for specific issues.


For those interested in an entertaining, practical and very thorough investigative approach to problem solving, I don't think it gets better than Mark Russinovich's blog.


What is up with that URL? “mrsnrub?”
What can I say, I like The Simpsons :)
I have to accept that people will call me Mr Shrub or Mr Snurb occasionally ;)