Skip to main content

Sysinternals Learning Resources

Books

Windows Internals Book
The official updates and errata page for the definitive book on Windows internals, by Mark Russinovich and David Solomon.

Windows Sysinternals Administrator's Reference
The official guide to the Sysinternals utilities by Mark Russinovich and Aaron Margosis, including descriptions of all the tools, their features, how to use them for troubleshooting, and example real-world cases of their use.

Mark's Blog Articles

Learn Sysinternals

Hunting Down and Killing Ransomware
Scareware, a type of malware that mimics antimalware software, has been around for a decade and shows no sign of going away. The goal of scareware is to fool a user into thinking that their computer is heavily infected with malware and the most convenient...(read more)
월요일, 1 7
The Case of the Unexplained FTP Connections
A key part of any cybersecurity plan is “continuous monitoring”, or enabling auditing and monitoring throughout a network environment and configuring automated analysis of the resulting logs to identify anomalous behaviors that merit investigation. This...(read more)
화요일, 10 30
Windows Azure Host Updates: Why, When, and How
Windows Azure’s compute platform, which includes Web Roles, Worker Roles, and Virtual Machines, is based on machine virtualization. It’s the deep access to the underlying operating system that makes Windows Azure’s Platform-as-a-Service (PaaS) uniquely...(read more)
수요일, 8 22
The Case of the Veeerrry Slow Logons
This case is my favorite kind of case, one where I use my own tools to solve a problem affecting me personally. The problem at the root of it is also one you might run into, especially if you travel, and demonstrates the use of some Process Monitor...(read more)
월요일, 7 2

More >

Videos and Webcasts

Defrag Tools Shows
Episodes 1 – 12 of the Defrag Tools shows focus on Sysinternals tools. Each episode covers a specific tool used on the tech support show Defrag, covering when and why to use the tools, and providing tips on how to get the most out of them:

Mark's Webcasts
Two dozen of Mark’s top-rated presentations on Sysinternals, Windows internals, and Windows Azure are available for on-demand viewing. Get tips and techniques on using the Sysinternals tools to troubleshoot directly from their author.

Sysinternals Primer: Autoruns, Disk2Vhd, ProcDump, BgInfo and AccessChk
The Sysinternals utilities are vital tools for any computer professional on the Windows platform. Mark Russinovich's popular "Case Of The Unexplained" demonstrates some of their capabilities in advanced troubleshooting scenarios. This complementary tutorial session focuses primarily on the utilities themselves, giving you tips and techniques for using their full functionality for troubleshooting and systems management. This session follows the same format as last year’s highly-rated delivery, and covers a different set of the most useful Sysinternals tools.

Unintended Consequences of Security Lockdowns (uses Sysinternals utilities a lot)
Security-conscious organizations often lock down their systems based on prescriptive guidance from Microsoft, US Federal government agencies or other security organizations. Sometimes these settings can lead to unpleasant surprises and unexpected side effects. This session describes and demonstrates some of the common issues that can arise, and whether and how those settings actually help or hurt. Is there benefit to not granting Administrators the “Debug” privilege? Does “Hide mechanisms to remove zone information” break anything? Is the “Require trusted path for credential entry” setting worth the inconvenience? Come see!

Windows Sysinternals Primer: Process Explorer, Process Monitor and More
The Sysinternals utilities are vital tools for any computer professional on the Windows platform. Mark Russinovich's popular "Case Of The Unexplained" demonstrates some of their capabilities in advanced troubleshooting scenarios. This complementary tutorial session by Aaron Margosis and Tim Reckmeyer focuses primarily on the utilities, deep-diving into as many features as time will allow. Learn tips and tricks that will make you more effective with the Sysinternals utilities.

Events

Mark's Events
Find out about recent and upcoming Sysinternals-related events and appearances by Mark Russinovich. If you have a question about any of these events, please visit the Sysinternals Forum for answers and help from other users and our moderators.

Microsoft는 웹 사이트에 대한 귀하의 의견을 이해하기 위해 온라인 설문 조사를 진행하고 있습니다. 참여하도록 선택하시면 웹 사이트에서 나가실 때 온라인 설문 조사가 표시됩니다.

참여하시겠습니까?