Book description
Optimize Windows system reliability and performance with Sysinternals
IT pros and power users consider the free Windows Sysinternals tools indispensable for diagnosing, troubleshooting, and deeply understanding the Windows platform. In this extensively updated guide, Sysinternals creator Mark Russinovich and Windows expert Aaron Margosis help you use these powerful tools to optimize any Windows system’s reliability, efficiency, performance, and security. The authors first explain Sysinternals’ capabilities and help you get started fast. Next, they offer in-depth coverage of each major tool, from Process Explorer and Process Monitor to Sysinternals’ security and file utilities. Then, building on this knowledge, they show the tools being used to solve real-world cases involving error messages, hangs, sluggishness, malware infections, and much more.
Windows Sysinternals creator Mark Russinovich and Aaron Margosis show you how to:
- Use Process Explorer to display detailed process and system information
- Use Process Monitor to capture low-level system events, and quickly filter the output to narrow down root causes
- List, categorize, and manage software that starts when you start or sign in to your computer, or when you run Microsoft Office or Internet Explorer
- Verify digital signatures of files, of running programs, and of the modules loaded in those programs
- Use Autoruns, Process Explorer, Sigcheck, and Process Monitor features that can identify and clean malware infestations
- Inspect permissions on files, keys, services, shares, and other objects
- Use Sysmon to monitor security-relevant events across your network
- Generate memory dumps when a process meets specified criteria
- Execute processes remotely, and close files that were opened remotely
- Manage Active Directory objects and trace LDAP API calls
- Capture detailed data about processors, memory, and clocks
- Troubleshoot unbootable devices, file-in-use errors, unexplained communication, and many other problems
- Understand Windows core concepts that aren’t well-documented elsewhere
Table of contents
- Cover
- Title Page
- Copyright Page
- Contents at a glance
- Table of Contents
- Foreword
- Introduction
  - Tools the book covers
  - The history of Sysinternals
  - Who should read this book
  - Organization of this book
  - Conventions and features in this book
  - System requirements
  - Late-breaking changes
  - Acknowledgments
  - Errata, updates, and book support
  - Free ebooks from Microsoft Press
  - We want to hear from you
  - Stay in touch
- Part I: Getting started
  - Chapter 1. Getting started with the Sysinternals utilities
  - Chapter 2. Windows core concepts
  - Chapter 3. Process Explorer
  - Chapter 4. Autoruns
- Part II: Usage guide
  - Chapter 5. Process Monitor
    - Getting started with Procmon
    - Events
    - Filtering, highlighting, and bookmarking
    - Process Tree
    - Saving and opening Procmon traces
    - Logging boot, post-logoff, and shutdown activity
    - Long-running traces and controlling log sizes
    - Importing and exporting configuration settings
    - Automating Procmon: command-line options
    - Analysis tools
    - Injecting custom debug output into Procmon traces
    - Toolbar reference
  - Chapter 6. ProcDump
  - Chapter 7. PsTools
  - Chapter 8. Process and diagnostic utilities
    - VMMap
      - Starting VMMap and choosing a process
      - The VMMap window
      - Memory types
      - Memory information
      - Timeline and snapshots
      - Viewing text within memory regions
      - Finding and copying text
      - Viewing allocations from instrumented processes
      - Address space fragmentation
      - Saving and loading snapshot results
      - VMMap command-line options
      - Restoring VMMap defaults
    - DebugView
    - LiveKd
    - ListDLLs
    - Handle
  - Chapter 9. Security utilities
  - Chapter 10. Active Directory utilities
  - Chapter 11. Desktop utilities
  - Chapter 12. File utilities
  - Chapter 13. Disk utilities
  - Chapter 14. Network and communication utilities
  - Chapter 15. System information utilities
  - Chapter 16. Miscellaneous utilities
- Part III: Troubleshooting—“The Case of the Unexplained...”
  - Chapter 17. Error messages
    - Troubleshooting error messages
    - The Case of the Locked Folder
    - The Case of the File In Use Error
    - The Case of the Unknown Photo Viewer Error
    - The Case of the Failing ActiveX Registration
    - The Case of the Failed Play-To
    - The Case of the Installation Failure
    - The Case of the Unreadable Text Files
    - The Case of the Missing Folder Association
    - The Case of the Temporary Registry Profiles
    - The Case of the Office RMS Error
    - The Case of the Failed Forest Functional Level Raise
  - Chapter 18. Crashes
  - Chapter 19. Hangs and sluggish performance
    - Troubleshooting hangs and sluggish performance
    - The Case of the IExplore-Pegged CPU
    - The Case of the Runaway Website
    - The Case of the Excessive ReadyBoost
    - The Case of the Stuttering Laptop Blu-ray Player
    - The Case of the Company 15-Minute Logons
    - The Case of the Hanging PayPal Emails
    - The Case of the Hanging Accounting Software
    - The Case of the Slow Keynote Demo
    - The Case of the Slow Project File Opens
    - The Compound Case of the Outlook Hangs
  - Chapter 20. Malware
    - Troubleshooting malware
    - Stuxnet
    - The Case of the Strange Reboots
    - The Case of the Fake Java Updater
    - The Case of the Winwebsec Scareware
    - The Case of the Runaway GPU
    - The Case of the Unexplained FTP Connections
    - The Case of the Misconfigured Service
    - The Case of the Sysinternals-Blocking Malware
    - The Case of the Process-Killing Malware
    - The Case of the Fake System Component
    - The Case of the Mysterious ASEP
  - Chapter 21. Understanding system behavior
  - Chapter 22. Developer troubleshooting
- Index
- About the Authors
- Survey
- Code Snippets
Product information
- Title: Troubleshooting with the Windows Sysinternals Tools
- Author(s): Mark Russinovich, Aaron Margosis
- Release date: October 2016
- Publisher(s): Microsoft Press
- ISBN: 9780133986549