From 01134ba3a62820da304e7b4257acee93fe241d46 Mon Sep 17 00:00:00 2001
From: Joey Caparas <macapara@microsoft.com>
Date: Mon, 9 May 2016 17:32:11 +1000
Subject: [PATCH] add 2 sections

---
 windows/keep-secure/other-troubleshooting.md | 38 +++++++++++++++++++-
 1 file changed, 37 insertions(+), 1 deletion(-)

diff --git a/windows/keep-secure/other-troubleshooting.md b/windows/keep-secure/other-troubleshooting.md
index ffe6965d9c..1b192e4fa6 100644
--- a/windows/keep-secure/other-troubleshooting.md
+++ b/windows/keep-secure/other-troubleshooting.md
@@ -65,4 +65,40 @@ Event ID | Message | Resolution steps
 5 | Windows Advanced Threat Protection service failed to connect to the server at _variable_ | Ensure that the Windows Defender ATP endpoint has internet access.
 6 | Windows Advanced Threat Protection service failed to read the onboarding parameters. Failure code: _variable_ | Run the onboarding script again.
 7 |  Windows Advanced Threat Protection service failed to read the onboarding parameters. Failure code: _variable_ | Ensure that the Windows Defender ATP endpoint has internet access, then run the onboarding script again.
-15 | Windows Advanced Threat Protection cannot start command channel with URL: _variable_ | Ensure that the Windows Defender ATP endpoint has internet access.  
+15 | Windows Advanced Threat Protection cannot start command channel with URL: _variable_ | Ensure that the Windows Defender ATP endpoint has internet access.
+
+Check the startup type in the services console:
+
+1.  Open the services console:
+
+  a. Click **Start** and type **services**.
+
+  b. Press **Enter** to open the console.
+
+2.  Scroll through the list of services until you find **Connected User Experiences and Telemetry**.
+
+3.  Check the **Startup type** column - the service should be set as **Automatic**.
+
+ASK ALON HOW SET TO AUTOMATIC IF IT'S NOT SET FROM THE CONSOLE.
+
+Check that the service is running from the command line:
+
+1.  Open an elevated command-line prompt on the endpoint:
+
+  a.  Click **Start** and type **cmd**.
+
+  b.  Right-click **Command prompt** and select **Run as administrator**.
+
+2.  Enter the following command and press **Enter**.
+
+  sc query diagtrack
+
+  If the service is running, the result should look like the following screenshot:
+  ![Result of the sc query command for sc query diagtrack](images/windefatp-sc-query-diagtrack.png)
+
+3. If the service **STATE** is not set to **RUNNING**, then you'll need to enter the following command and press **Enter**:
+
+  sc start diagtrack
+
+4. A success message is displayed. Verify the change by entering the following command and press **Enter**:
+  sc query diagtrack