Troubleshooting with the Windows Sysinternals Tools (paperback)
Format: Paperback
Language: English
Number of pages: 688
Publication date: 2016-11-04
Edition: 2
Publisher: Microsoft Press
Contributors: Russinovich, Mark / Margosis, Aaron
Dimensions: 229 x 188 x 36 mm
Weight: 1044 g
Number of components: 1
ISBN: 9780735684447

Optimize Windows system reliability and performance with Sysinternals

IT pros and power users consider the free Windows Sysinternals tools indispensable for diagnosing, troubleshooting, and deeply understanding the Windows platform. In this extensively updated guide, Sysinternals creator Mark Russinovich and Windows expert Aaron Margosis help you use these powerful tools to optimize any Windows system's reliability, efficiency, performance, and security. The authors first explain Sysinternals' capabilities and help you get started fast. Next, they offer in-depth coverage of each major tool, from Process Explorer and Process Monitor to Sysinternals' security and file utilities. Then, building on this knowledge, they show the tools being used to solve real-world cases involving error messages, hangs, sluggishness, malware infections, and much more.

Windows Sysinternals creator Mark Russinovich and Aaron Margosis show you how to:

  • Use Process Explorer to display detailed process and system information
  • Use Process Monitor to capture low-level system events, and quickly filter the output to narrow down root causes
  • List, categorize, and manage software that starts when you start or sign in to your computer, or when you run Microsoft Office or Internet Explorer
  • Verify digital signatures of files, of running programs, and of the modules loaded in those programs
  • Use Autoruns, Process Explorer, Sigcheck, and Process Monitor features that can identify and clean malware infestations
  • Inspect permissions on files, keys, services, shares, and other objects
  • Use Sysmon to monitor security-relevant events across your network
  • Generate memory dumps when a process meets specified criteria
  • Execute processes remotely, and close files that were opened remotely
  • Manage Active Directory objects and trace LDAP API calls
  • Capture detailed data about processors, memory, and clocks
  • Troubleshoot unbootable devices, file-in-use errors, unexplained communication, and many other problems
  • Understand Windows core concepts that aren't well-documented elsewhere


More books by Mark E Russinovich

  • Windows Internals, Part 2

    Mark E Russinovich

    Drill down into Windows architecture and internals, discover how core Windows components work behind the scenes, and master information you can continually apply to improve architecture, development, system administration, and support. Led by thre...

  • Windows Internals

    Pavel Yosifovich, Alex Ionescu, Mark E Russinovich, David Solomon

    The standard guide, completely updated for Windows 10 and Windows Server 2016. Dive into the architecture and inner mechanisms of Windows and get to know the core components that work behind the scenes. This ...

Other information

Mark Russinovich is a Technical Fellow in the Windows Azure group at Microsoft. He is coauthor of Windows SysInternals Administrator's Reference, co-creator of the Sysinternals tools available from Microsoft TechNet, and coauthor of the Windows Internals book series. Aaron Margosis is a Principal Consultant with Microsoft Public Sector Services. He specializes in application development on Windows platforms, with a focus on security, least privilege, and compatibility in locked-down environments.

Table of contents

Part I    Getting started

Chapter 1 Getting started with the Sysinternals utilities  

Overview of the utilities

The Windows Sysinternals website

Sysinternals license information


Chapter 2 Windows core concepts  

Administrative rights

Processes, threads, and jobs

User mode and kernel mode

Handles

Application isolation

Call stacks and symbols

Sessions, window stations, desktops, and window messages


Chapter 3 Process Explorer   

Procexp overview

Main window

DLLs and handles

Process details

Thread details

Verifying image signatures

VirusTotal analysis

System information

Display options

Procexp as a Task Manager replacement

Miscellaneous features

Keyboard shortcut reference


Chapter 4 Autoruns    

Autoruns fundamentals

Autostart categories

Saving and comparing results

AutorunsC

Autoruns and malware


Part II   Usage guide

Chapter 5 Process Monitor

Getting started with Procmon

Events

Filtering, highlighting, and bookmarking

Process Tree

Saving and opening Procmon traces

Logging boot, post-logoff, and shutdown activity

Long-running traces and controlling log sizes

Importing and exporting configuration settings

Automating Procmon: command-line options

Analysis tools

Injecting custom debug output into Procmon traces

Toolbar reference


Chapter 6 ProcDump  

Command-line syntax

Specifying which process to monitor

Specifying the dump file path

Specifying criteria for a dump

Monitoring exceptions

Dump file options

Miniplus dumps

ProcDump and Procmon: Better together

Running ProcDump noninteractively

Viewing the dump in the debugger


Chapter 7 PsTools

Common features

PsExec

PsFile

PsGetSid

PsInfo

PsKill

PsList

PsLoggedOn

PsLogList

PsPasswd

PsService

PsShutdown

PsSuspend

PsTools command-line syntax

PsTools system requirements


Chapter 8 Process and diagnostic utilities  

VMMap

DebugView

LiveKd

ListDLLs

Handle


Chapter 9 Security utilities                                             

SigCheck

AccessChk

Sysmon

AccessEnum

ShareEnum

ShellRunAs

Autologon

LogonS...