Defrag Tools #173 - Troubleshooting with the Windows Sysinternals Tools, 2nd Edition

Jan 30, 2017 at 6:00AM

by Andrew Richards, Chad Beeder
Average of 5 out of 5 stars 24 ratings

Sign in to rate

3,430 views

4 comments

Play Defrag Tools #173 - Troubleshooting with the Windows Sysinternals Tools, 2nd Edition

Sign in to queue

Description

In this episode of Defrag Tools, Andrew Richards and Chad Beeder are joined by Aaron Margosis, the co-author of the Sysinternals book -- now in its 2nd Edition!

Troubleshooting with the Windows Sysinternals Tools, 2nd Edition

Resources:
Defrag Tools: #81 - Aaron Margosis
Windows Sysinternals Administrator's Reference
Troubleshooting with the Windows Sysinternals Tools, 2nd Edition
Aaron Margosis' Non-Admin, App-Compat and Sysinternals WebLog

Tags:

sysinternals, Windows, IT

Embed

Download

Download this episode

MP3 (15.2 MB)
Low Quality MP4 (55.6 MB)
High Quality MP4 (975.1 MB)
Mid Quality MP4 (262.7 MB)

Download captions

More episodes in this series

Defrag Tools #172 - Application Hangs

Defrag Tools #172 - Application Hangs

Defrag Tools #174 - Security Baseline, Policy Analyzer and LGPO

Defrag Tools #174 - Security Baseline, Policy Analyzer and LGPO

Related episodes

Defrag Tools #178 - Sysinternals ProcDump v9.0

Defrag Tools #178 - Sysinternals ProcDump v9.0

Defrag Tools #164 - Sysinternals for Nano Server - Mark Russinovich

Defrag Tools #164 - Sysinternals for Nano Server - Mark Russinovich

Defrag Tools #163 - Virtual Hard Disk (VHD) - Sysinternals Disk2VHD

Defrag Tools #163 - Virtual Hard Disk (VHD) - Sysinternals Disk2VHD

Tech Pros Rejoice - Sysinternals Live Launches

Tech Pros Rejoice - Sysinternals Live Launches

Defrag Tools #181 - System Power Report

Defrag Tools #181 - System Power Report

Microsoft Azure Cloud Cover Show

Episode 230: Azure Batch and Low Priority VMs

Episode 230: Azure Batch and Low Priority VMs

This Week On Windows

Windows at E3, Surface Laptop, Surface Pro, and more!

Windows at E3, Surface Laptop, Surface Pro, and more!

Defrag Tools #180 - Active Memory Dump

Defrag Tools #180 - Active Memory Dump

Episode 157: Microsoft Graph with Yina Arenas

Episode 157: Microsoft Graph with Yina Arenas

Azure in the Enterprise

Enabling Azure SQL Database Auto-Tuning at Scale for Microsoft IT

Enabling Azure SQL Database Auto-Tuning at Scale for Microsoft IT

The Discussion

claudiamcse

Thank you for sharing! Great video. I look forward to reading the book!

Last modified Jan 30, 2017 at 10:28AM
Luke

Hi,

Have you ever used windgb extention cmkd.dll from http://www.codemachine.com/cmkd.html to extract the first four arguments passed to calls on x64n stacks, like so?
0:000> !cmkd.stack -p
Call Stack : 7 frames
## Stack-Pointer Return-Address Call-Site
00 000000a408c7fb28 00007ffda95b1148 ntdll!NtWaitForSingleObject+a
Parameter[0] = 0000000000000034
Parameter[1] = 0000000000000000
Parameter[2] = 0000000000000000
Parameter[3] = (unknown)
01 000000a408c7fb30 00007ff7e44c13f1 KERNELBASE!WaitForSingleObjectEx+98
Parameter[0] = 0000000000000034
Parameter[1] = 00000000ffffffff
Parameter[2] = 0000000000000000
Parameter[3] = 00007ff7e44cba28
02 000000a408c7fbd0 00007ff7e44c3fed ConsoleApplication2!main+41
Parameter[0] = (unknown)
Parameter[1] = (unknown)
Parameter[2] = (unknown)
Parameter[3] = (unknown)

Is this extention safe?

Thx,
Luke

Last modified Feb 10, 2017 at 11:09AM
ChadBeeder

@Luke: I haven't used that debug extension, but I have met the Codemachine guys, and I have no reason to think it wouldn't work as advertised.

Last modified Feb 13, 2017 at 1:35AM
MariaHamilton

I use it all the time @Luke. I am mainly analyzing crash dumps rather than debugging live x64 systems, though (it's unusual that a problem only turns up on x64 boxes, so if I have to debug something I tend to do it on an x86 one).

Last modified Mar 09, 2017 at 9:29AM

Comments closed

Comments have been closed since this content was published more than 30 days ago, but if you'd like to send us feedback you can Contact Us.