This eBook includes the following formats, accessible from your Account page after purchase:
EPUB: The open industry format known for its reflowable content and usability on supported mobile devices.
PDF: The popular standard, used most often with the free Adobe® Reader® software.
This eBook requires no passwords or activation to read. We customize your eBook by discreetly watermarking it with your name, making it uniquely yours.
Optimize Windows system reliability and performance with Sysinternals
IT pros and power users consider the free Windows Sysinternals tools indispensable for diagnosing, troubleshooting, and deeply understanding the Windows platform. In this extensively updated guide, Sysinternals creator Mark Russinovich and Windows expert Aaron Margosis help you use these powerful tools to optimize any Windows system’s reliability, efficiency, performance, and security. The authors first explain Sysinternals’ capabilities and help you get started fast. Next, they offer in-depth coverage of each major tool, from Process Explorer and Process Monitor to Sysinternals’ security and file utilities. Then, building on this knowledge, they show the tools being used to solve real-world cases involving error messages, hangs, sluggishness, malware infections, and much more.
Windows Sysinternals creator Mark Russinovich and Aaron Margosis show you how to:
Download the sample pages (includes Chapter 4 and the Index).
Part I Getting started
Chapter 1 Getting started with the Sysinternals utilities
Overview of the utilities
The Windows Sysinternals website
Sysinternals license information
Chapter 2 Windows core concepts
Administrative rights
Processes, threads, and jobs
User mode and kernel mode
Handles
Application isolation
Call stacks and symbols
Sessions, window stations, desktops, and window messages
Chapter 3 Process Explorer
Procexp overview
Main window
DLLs and handles
Process details
Thread details
Verifying image signatures
VirusTotal analysis
System information
Display options
Procexp as a Task Manager replacement
Miscellaneous features
Keyboard shortcut reference
Chapter 4 Autoruns
Autoruns fundamentals
Autostart categories
Saving and comparing results
AutorunsC
Autoruns and malware
Part II Usage guide
Chapter 5 Process Monitor
Getting started with Procmon
Events
Filtering, highlighting, and bookmarking
Process Tree
Saving and opening Procmon traces
Logging boot, post-logoff, and shutdown activity
Long-running traces and controlling log sizes
Importing and exporting configuration settings
Automating Procmon: command-line options
Analysis tools
Injecting custom debug output into Procmon traces
Toolbar reference
Chapter 6 ProcDump
Command-line syntax
Specifying which process to monitor
Specifying the dump file path
Specifying criteria for a dump
Monitoring exceptions
Dump file options
Miniplus dumps
ProcDump and Procmon: Better together
Running ProcDump noninteractively
Viewing the dump in the debugger
Chapter 7 PsTools
Common features
PsExec
PsFile
PsGetSid
PsInfo
PsKill
PsList
PsLoggedOn
PsLogList
PsPasswd
PsService
PsShutdown
PsSuspend
PsTools command-line syntax
PsTools system requirements
Chapter 8 Process and diagnostic utilities
VMMap
DebugView
LiveKd
ListDLLs
Handle
Chapter 9 Security utilities
SigCheck
AccessChk
Sysmon
AccessEnum
ShareEnum
ShellRunAs
Autologon
LogonSessions
SDelete
Chapter 10 Active Directory utilities
AdExplorer
AdInsight
AdRestore
Chapter 11 Desktop utilities
BgInfo
Desktops
ZoomIt
Chapter 12 File utilities
Strings
Streams
NTFS link utilities
Disk Usage (DU)
Post-reboot file operation utilities
Chapter 13 Disk utilities
Disk2Vhd
Sync
DiskView
Contig
DiskExt
LDMDump
VolumeID
Chapter 14 Network and communication utilities
PsPing
TCPView
Whois
Chapter 15 System information utilities
RAMMap
Registry Usage (RU)
CoreInfo
WinObj
LoadOrder
PipeList
ClockRes
Chapter 16 Miscellaneous utilities
RegJump
Hex2Dec
RegDelNull
Bluescreen Screen Saver
Ctrl2Cap
Part III Troubleshooting—“The Case of the Unexplained…”
Chapter 17 Error messages
Troubleshooting error messages
The Case of the Locked Folder
The Case of the File In Use Error
The Case of the Unknown Photo Viewer Error
The Case of the Failing ActiveX Registration
The Case of the Failed Play-To
The Case of the Installation Failure
The Case of the Unreadable Text Files
The Case of the Missing Folder Association
The Case of the Temporary Registry Profiles
The Case of the Office RMS Error
The Case of the Failed Forest Functional Level Raise
Chapter 18 Crashes
Troubleshooting crashes
The Case of the Failed AV Update
The Case of the Crashing Proksi Utility
The Case of the Failed Network Location Awareness Service
The Case of the Failed EMET Upgrade
The Case of the Missing Crash Dump
The Case of the Random Sluggishness
Chapter 19 Hangs and sluggish performance
Troubleshooting hangs and sluggish performance
The Case of the IExplore-Pegged CPU
The Case of the Runaway Website
The Case of the Excessive ReadyBoost
The Case of the Stuttering Laptop Blu-ray Player
The Case of the Company 15-Minute Logons
The Case of the Hanging PayPal Emails
The Case of the Hanging Accounting Software
The Case of the Slow Keynote Demo
The Case of the Slow Project File Opens
The Compound Case of the Outlook Hangs
Chapter 20 Malware
Troubleshooting malware
Stuxnet
The Case of the Strange Reboots
The Case of the Fake Java Updater
The Case of the Winwebsec Scareware
The Case of the Runaway GPU
The Case of the Unexplained FTP Connections
The Case of the Misconfigured Service
The Case of the Sysinternals-Blocking Malware
The Case of the Process-Killing Malware
The Case of the Fake System Component
The Case of the Mysterious ASEP
Chapter 21 Understanding system behavior
The Case of the Q: Drive
The Case of the Unexplained Network Connections
The Case of the Short-Lived Processes
The Case of the App Install Recorder
The Case of the Unknown NTLM Communications
Chapter 22 Developer troubleshooting
The Case of the Broken Kerberos Delegation
The Case of the ProcDump Memory Leak