THE PERSONAL COMPUTER SPECIALIST

Sysinternals Learning Resources

Help and Support

Books

Windows Internals Book Homepage
The official updates and errata page for the definitive book on Windows internals, by and David Solomon.

Windows Sysinternals Administrator's Reference
The official guide to the Sysinternals utilities by Mark Russinovich and Aaron Margosis, including descriptions of all the tools, their features, how to use them for troubleshooting, and example real-world cases of their use.

Articles

Inside the Kernel: Part 1
Inside the Windows Vista Kernel: Part 2
Inside the Windows Vista Kernel: Part 3
Inside Windows Vista User Account Control
Inside Windows Server 2008 Kernel Changes

Mark's Blog Articles

Hunting Down and Killing Scareware, a type of malware that mimics antimalware software, has been around for a decade and shows no sign of going away. The goal of scareware is to fool a user into thinking that their computer is heavily infected with malware and the most convenient...
Monday, Jan 7

The Case of the Unexplained FTP Connections
A key part of any cybersecurity plan is “continuous monitoring”, or enabling auditing and monitoring throughout a network environment and configuring automated analysis of the resulting logs to identify anomalous behaviors that merit investigation. This...
Tuesday, Oct 30

Windows Azure Host Updates: Why, When, and How
Windows Azure’s compute platform, which includes Web Roles, Worker Roles, and Virtual Machines, is based on machine virtualization. It’s the deep access to the underlying that makes Windows Azure’s Platform-as-a-Service (PaaS) uniquely...
Wednesday, Aug 22

The Case of the Veeerrry Slow Logons
This case is my favorite kind of case, one where I use my own tools to solve a problem affecting me personally. The problem at the root of it is also one you might run into, especially if you travel, and demonstrates the use of some Monitor...
Monday, Jul 2

Videos and Webcasts

Defrag Tools Shows
Episodes 1 – 12 of the Defrag Tools shows focus on Sysinternals tools. Each episode covers a specific tool used on the tech support show Defrag, covering when and why to use the tools, and providing tips on how to get the most out of them:

Defrag Tools: #1 - Building your USB thumbdrive
Defrag Tools: #2 -
Defrag Tools: #3 -
Defrag Tools: #4 - Process Monitor - Examples
Defrag Tools: #5 - Autoruns and MSConfig
Defrag Tools: #6 - RAMMap
Defrag Tools: #7 - VMMap
Defrag Tools: #8 - Mark Russinovich
Defrag Tools: #9 - ProcDump
Defrag Tools: #10 - ProcDump - Triggers
Defrag Tools: #11 - ProcDump - Windows 8 & Process Monitor
Defrag Tools: #12 - TaskMgr and ResMon

Mark's Webcasts
Two dozen of Mark’s top-rated presentations on Sysinternals, Windows internals, and Windows Azure are available for on-demand viewing. Get tips and techniques on using the Sysinternals tools to troubleshoot directly from their author.

TWC: Sysinternals Primer: TechEd 2014 Edition
The latest edition of the popular Sysinternals Primer series with Aaron Margosis, Mark Russinovich’s co-author of The Windows Sysinternals Administrator’s Reference. The Sysinternals utilities are vital tools for any computer professional on the Windows platform. Mark Russinovich's popular “Case Of The Unexplained” demonstrates some of their capabilities in advanced troubleshooting scenarios. This complementary tutorial series focuses primarily on the utilities themselves, deep-diving into as many features as time allows. Expect to see some advanced analysis, such as manipulating Procmon results with Windows PowerShell, and interesting/useful new features.

Sysinternals Primer: Autoruns, Disk2Vhd, ProcDump, BgInfo and AccessChk
The Sysinternals utilities are vital tools for any computer professional on the Windows platform. Mark Russinovich's popular "Case Of The Unexplained" demonstrates some of their capabilities in advanced troubleshooting scenarios. This complementary tutorial session focuses primarily on the utilities themselves, giving you tips and techniques for using their full functionality for troubleshooting and systems management. This session follows the same format as last year’s highly-rated delivery, and covers a different set of the most useful Sysinternals tools.

Unintended Consequences of Security Lockdowns (uses Sysinternals utilities a lot)
Security-conscious organizations often lock down their systems based on prescriptive guidance from , US Federal government agencies or other security organizations. Sometimes these settings can lead to unpleasant surprises and unexpected side effects. This session describes and demonstrates some of the common issues that can arise, and whether and how those settings actually help or hurt. Is there benefit to not granting Administrators the “Debug” privilege? Does “Hide mechanisms to remove zone information” break anything? Is the “Require trusted path for credential entry” setting worth the inconvenience? Come see!

Windows Sysinternals Primer: Process Explorer, Process Monitor and More
The Sysinternals utilities are vital tools for any computer professional on the Windows platform. Mark Russinovich's popular "Case Of The Unexplained" demonstrates some of their capabilities in advanced troubleshooting scenarios. This complementary tutorial session by Aaron Margosis and Tim Reckmeyer focuses primarily on the utilities, deep-diving into as many features as time will allow. Learn tips and tricks that will make you more effective with the Sysinternals utilities.

© 2021 The Personal Computer Specialist Last update: 02/10/2021