AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response
For nearly two decades, IT professionals have considered the free Sysinternals tools absolutely indispensable for diagnosing, troubleshooting, and deeply understanding the Windows platform. Today, with new tools and many enhancements throughout, Sysinternals is more valuable than ever. In Troubleshooting with the Windows Sysinternals Tools, Second Edition, Sysinternals creator Mark Russinovich and Windows administration expert Aaron Margosis show how to use it to maximize the reliability, efficiency, performance, and security of all your Windows systems.

Russinovich and Margosis begin by introducing Sysinternals’ goals and capabilities, and offering practical guidance for getting started. Next, they offer in-depth coverage of each major Sysinternals tool and category of tools:

- Process Explorer, Autoruns, ProcMon, ProcDump, and PsTools — including valuable new coverage of using ProcMon and ProcDump together
- Additional process and diagnostic utilities
- Security utilities
- Active Directory utilities
- Desktop utilities
- File utilities
- Disk utilities
- Network and communication utilities
- System information utilities, and more

Then, building on this comprehensive reference information, they present an expanded and updated hands-on troubleshooting section, focused on your most challenging real-world problems — including error messages, hangs, sluggish performance, and the potential presence of malware.