Defrag Tools

Defrag Tools #173 - Troubleshooting with the Windows Sysinternals Tools, 2nd Edition

Jan 30, 2017 at 6:00AM

by Andrew Richards, Chad Beeder
Average of 5 out of 5 stars 27 ratings

Sign in to rate

4 comments

Play Defrag Tools #173 - Troubleshooting with the Windows Sysinternals Tools, 2nd Edition

Sign in to queue

Description

In this episode of Defrag Tools, Andrew Richards and Chad Beeder are joined by Aaron Margosis, the co-author of the Sysinternals book -- now in its 2nd Edition!

Troubleshooting with the Windows Sysinternals Tools, 2nd Edition

Resources:
Defrag Tools: #81 - Aaron Margosis
Windows Sysinternals Administrator's Reference
Troubleshooting with the Windows Sysinternals Tools, 2nd Edition
Aaron Margosis' Non-Admin, App-Compat and Sysinternals WebLog

Tags:

sysinternals, Windows, IT

Embed

Download

Download this episode

MP3 (15.2 MB)
Low Quality MP4 (55.6 MB)
High Quality MP4 (975.1 MB)
Mid Quality MP4 (262.7 MB)

Download captions

More episodes in this series

Defrag Tools #172 - Application Hangs

Defrag Tools #172 - Application Hangs

Defrag Tools #174 - Security Baseline, Policy Analyzer and LGPO

Defrag Tools #174 - Security Baseline, Policy Analyzer and LGPO

Related episodes

Defrag Tools #178 - Sysinternals ProcDump v9.0

Defrag Tools #178 - Sysinternals ProcDump v9.0

Defrag Tools #164 - Sysinternals for Nano Server - Mark Russinovich

Defrag Tools #164 - Sysinternals for Nano Server - Mark Russinovich

Defrag Tools #163 - Virtual Hard Disk (VHD) - Sysinternals Disk2VHD

Defrag Tools #163 - Virtual Hard Disk (VHD) - Sysinternals Disk2VHD

Tech Pros Rejoice - Sysinternals Live Launches

Tech Pros Rejoice - Sysinternals Live Launches

Mixed Reality + Azure

Mixed Reality + Azure

A new revenue share for Microsoft Store - #ifdef WINDOWS

A new revenue share for Microsoft Store - #ifdef WINDOWS

UI Automation with WinAppDriver – Preview into 1.1

UI Automation with WinAppDriver – Preview into 1.1

#ifdef PRIVATE AUDIENCE // in the Microsoft Store

#ifdef PRIVATE AUDIENCE // in the Microsoft Store

Defrag Tools #190 - Performance Power Slider

Defrag Tools #190 - Performance Power Slider

This Week On Channel 9

TWC9: GDC 2018, Windows Server 2019 Preview, Pocket Casts for Windows, and more

TWC9: GDC 2018, Windows Server 2019 Preview, Pocket Casts for Windows, and more

The Discussion

claudiamcse

Thank you for sharing! Great video. I look forward to reading the book!

Last modified Jan 30, 2017 at 10:28AM
Luke

Hi,

Have you ever used windgb extention cmkd.dll from http://www.codemachine.com/cmkd.html to extract the first four arguments passed to calls on x64n stacks, like so?
0:000> !cmkd.stack -p
Call Stack : 7 frames
## Stack-Pointer Return-Address Call-Site
00 000000a408c7fb28 00007ffda95b1148 ntdll!NtWaitForSingleObject+a
Parameter[0] = 0000000000000034
Parameter[1] = 0000000000000000
Parameter[2] = 0000000000000000
Parameter[3] = (unknown)
01 000000a408c7fb30 00007ff7e44c13f1 KERNELBASE!WaitForSingleObjectEx+98
Parameter[0] = 0000000000000034
Parameter[1] = 00000000ffffffff
Parameter[2] = 0000000000000000
Parameter[3] = 00007ff7e44cba28
02 000000a408c7fbd0 00007ff7e44c3fed ConsoleApplication2!main+41
Parameter[0] = (unknown)
Parameter[1] = (unknown)
Parameter[2] = (unknown)
Parameter[3] = (unknown)

Is this extention safe?

Thx,
Luke

Last modified Feb 10, 2017 at 11:09AM
ChadBeeder

@Luke: I haven't used that debug extension, but I have met the Codemachine guys, and I have no reason to think it wouldn't work as advertised.

Last modified Feb 13, 2017 at 1:35AM
MariaHamilton

I use it all the time @Luke. I am mainly analyzing crash dumps rather than debugging live x64 systems, though (it's unusual that a problem only turns up on x64 boxes, so if I have to debug something I tend to do it on an x86 one).

Last modified Mar 09, 2017 at 9:29AM