Saisons de Defrag Tools (2012)

SensCritique>Séries>Defrag Tools>Saisons

Saison 1

197 épisodes

(3 h 45 min)

Retour

Filtrer

Saison 1

Épisodes

Modifier ma progression

S1 E1 • Building your USB thumbdrive

Welcome to the first episode of Defrag Tools where Andrew Richards and I will be walking you through the tools we use when troubleshooting Windows PC's. Each week we'll dive into the tools from SysInternals, showing you how to use them along with our best tips and tricks. In this episode we'll be showing you how to get started by creating a thumb drive that you can use to fix PC's and troubleshoot problems.

Première diffusion : 31 juillet 2012

S1 E2 • Process Explorer

In this episode of Defrag Tools, Andrew and I walk you through Sysinternals Process Explorer. Process Explorer is a comprehensive replacement for Task Manager. It allows you to view the details of the processes running on the computer, both at a point in time and historically. The performance graphs allow you to view the CPU, I/O, Memory and GPU usage. Process Explorer can be used to find file locks, loaded DLLs, autostart locations, and many more things.

Première diffusion : 6 août 2012

S1 E3 • Process Monitor

In this 2 part episode of Defrag Tools, Andrew and I walk you through Sysinternals Process Monitor. Process Monitor allows you to view the File, Registy, Network, Process and Profiling details of the processes running on the computer. The logging allows you to go from a holistic view all the way down to the function in the stack that initiated an event. Process Monitor can be used to troubleshoot nearly all types of issues. As coined by David Solomon - "When in doubt, run Process Monitor".

Première diffusion : 13 août 2012

S1 E4 • Process Monitor - Examples

Première diffusion : 20 août 2012

S1 E5 • Autoruns and MSConfig

In this episode of Defrag Tools, Chad and I walk you through Sysinternals Autoruns. We also look at its predecessors: MSConfig and SysEdit. AutoRuns and MSConfig allow you to view and disable autostart entries on the computer. The autostart entries are locations in the registry and file system that can cause applications and DLLs to be automatically run at startup, login, application launch, and at many more registration points in Windows.

Première diffusion : 27 août 2012

S1 E6 • RAMMap

In this episode of Defrag Tools, Andrew and I walk you through Sysinternals RAMMap. RAMMap allows you to see how the Physical Memory (RAM) on the computer is being used. You can see how much RAM there is, for what purpose it is being used, and if there has been any memory pressure (not enough memory). We also cover a lot of Memory Management theory to understand the data in RAMMap.

Première diffusion : 4 septembre 2012

S1 E7 • VMMap

In this episode of Defrag Tools, Andrew and I walk you through Sysinternals VMMap. VMMap allows you to see how the Virtual Memory of a process is being used. You can see how much is used, for what purpose it is being used, and if there has been any memory leaks. Like last week with RAMMap, we cover some Memory Management theory to understand the data in VMMap.

Première diffusion : 10 septembre 2012

S1 E8 • Mark Russinovich

Mark Russinovich joins Andrew Richards and Larry Larsen on this episode of Defrag Tools to talk about the history of Sysinternals, his involvement with the Windows Internals book series and advice on Cybersecurity. Learn about new tools, retired tools and tools that never got completed. Get advice on troubleshooting. Get advice on how to survive a cyber attack. And much much more...

Première diffusion : 21 septembre 2012

S1 E9 • ProcDump

In this 3 part episode of Defrag Tools, Andrew Richards and Larry Larsen walk you through Sysinternals ProcDump. ProcDump allows you to capture the memory of a process running on the computer. The dump file can be of varying size and can be taken with varying outage durations. Dumps can be triggered immediately or can be triggered by a variety of events including CPU utilization, Memory utilization, a Performance Counter, a Hung Window and/or Native/Managed exceptions.

Première diffusion : 24 septembre 2012

S1 E10 • ProcDump - Triggers

Première diffusion : 1 octobre 2012

S1 E11 • ProcDump - Windows 8 & Process Monitor

Première diffusion : 8 octobre 2012

S1 E12 • TaskMgr and ResMon

In this episode of Defrag Tools, Chad Beeder and Larry Larsen walk you through Task Manager and Resource Monitor. Sometimes you can't download Sysinternals or other troubleshooting tools, at these time, you can turn to these in-box applications that allow you to investigate the computer.

Première diffusion : 15 octobre 2012

S1 E13 • WinDbg

In this episode of Defrag Tools, Andrew Richards and Larry Larsen start walking you through the Debugging Tools for Windows (in particular WinDbg). WinDbg is a debugger that supports user mode debugging of a process, or kernel mode debugging of a computer. This first WinDbg installment configures the system to open dumps files via an adjusted Context Menu. It shows how to set WinDbg as the (AeDebug) postmortem debugger, and how to use ProcDump v5.1 to do the same but capture the process as a dump file. It then starts to explain some basic concepts of debugging: call stacks (k), registers (r) and exception context records (.ecxr). Make sure you watch Defrag Tools Episode #1 for instructions on how to get the Debugging Tools for Windows and how to set the required environment variables for symbols and source code resolution.

Première diffusion : 22 octobre 2012

S1 E14 • WinDbg - SOS

In this episode of Defrag Tools, Andrew Richards and Larry Larsen continue looking at the Debugging Tools for Windows (in particular WinDbg). WinDbg is a debugger that supports user mode debugging of a process, or kernel mode debugging of a computer. This installment shows how you can view the user mode call stack and stack variables in a native, managed (.NET) or Silverlight process. We use these commands: dv dt !sos.dumpstack !sos.dumpstackobjects / !sos.dso !sos.dumpobj / !sos.do !sos.printexception / !sos.pe .frame .f+ .f- .load .unload .loadby .chain lm / lmm / lmvm .extmatch .prefer_dml 1 .lines .ecxr .cls Make sure you watch Defrag Tools Episode #1 for instructions on how to get the Debugging Tools for Windows and how to set the required environment variables for symbols and source code resolution.

Première diffusion : 12 novembre 2012

S1 E15 • WinDbg - Bugchecks (BSOD)

In this episode of Defrag Tools, Chad Beeder and Larry Larsen discuss analyzing kernel mode bugchecks (colloquially known as Blue Screens of Death) using WinDbg from the Debugging Tools For Windows. We use these commands: !analyze -v .hh .trap !pte !process !thread .formats .process .thread k ~ .reload Make sure you watch Defrag Tools Episode #1 for instructions on how to get the Debugging Tools for Windows and how to set the required environment variables for symbols and source code resolution.

Première diffusion : 19 novembre 2012

S1 E16 • WinDbg - Driver Verifier

Not all Blue Screens of Death are easy to debug! Sometimes, you need to enable extra checking to help catch a buggy device driver. In this episode of Defrag Tools, Chad Beeder and Larry Larsen discuss using Driver Verifier in conjunction with WinDbg to track down a driver which is corrupting kernel mode pool memory. Debugger commands used: !analyze -v .trap ub dp dps dc kv Make sure you watch Defrag Tools Episode #1 for instructions on how to get the Debugging Tools for Windows and how to set the required environment variables for symbols and source code resolution.

Première diffusion : 26 novembre 2012

S1 E17 • WinDbg - Driver Verifier - Part 2

In this episode of Defrag Tools, Michael Fourre, senior test engineer from the Driver Verifier team, pays a visit to Larry Larsen and Chad Beeder in the Channel 9 studios to give us some deeper insight into this valuable tool for catching device driver bugs!

Première diffusion : 3 décembre 2012

S1 E18 • WinDbg - Driver Verifier - Part 3

In this followup to last week's episode of Defrag Tools, Michael Fourre, senior test engineer from the Driver Verifier team, gives us an overview of all the available verifier settings, and explains when you might need to use them.

Première diffusion : 10 décembre 2012

S1 E19 • WinDbg - OCA

In this week's episode of Defrag Tools, Graham McIntyre, Senior Developer from the Windows Reliability team, gives us an overview of Online Crash Analysis (OCA). Graham describes OCA and how dump collection has been enhanced in Windows 8.

Première diffusion : 17 décembre 2012

S1 E20 • WinDbg - Basic Commands

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen continue looking at the Debugging Tools for Windows (in particular WinDbg). WinDbg is a debugger that supports user mode debugging of a process, or kernel mode debugging of a computer. This installment goes over the commands used to show the state of debug session. It also shows some of the basic commands used to view process and thread information of a user mode process. We cover these commands: version vertarget | || .sympath .srcpath .exepath .extpath .chain !analyze -v .bugcheck !error ~ ~NNs ~~[TID]s ~*k ~*r !process 0 17 !threads !findstack !uniqstack !peb !teb k= <addr> <addr> <frames> dps dpu dpa dpp .reload /f .reload /user !gle !tls Make sure you watch Defrag Tools Episode #1 for instructions on how to get the Debugging Tools for Windows and how to set the required environment variables for symbols and source code resolution.

Première diffusion : 24 décembre 2012

S1 E21 • WinDbg - Memory User Mode

Première diffusion : 1 janvier 2013

S1 E22 • WinDbg - Memory Kernel Mode

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen continue looking at the Debugging Tools for Windows (in particular WinDbg). WinDbg is a debugger that supports user mode debugging of a process, or kernel mode debugging of a computer. This installment goes over the commands used to show the memory used in a kernel mode debug session. We cover these commands: !vm !vm 1 !memusage 8 !poolused 2 !poolused 4 !poolfind <tag> !pool <addr> !pool <addr> 2 !pte Make sure you watch Defrag Tools Episode #1 for instructions on how to get the Debugging Tools for Windows and how to set the required environment variables for symbols and source code resolution.

Première diffusion : 7 janvier 2013

S1 E23 • Windows 8 SDK

In this episode of Defrag Tools, Andrew Richards and Larry Larsen upgrade the software we downloaded in Episode #1 to the Windows 8 (x86 &x64) and Windows RT (ARM) versions. Resources: Windows Software Development Kit (SDK) for Windows 8 Sysinternals USB3 Debugging Cable - Note, you must use a USB3 A-A cable designed for debugging, otherwise it will fry your box!

Première diffusion : 14 janvier 2013

S1 E24 • WinDbg - Critical Sections

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen continue looking at the Debugging Tools for Windows (in particular WinDbg). WinDbg is a debugger that supports user mode debugging of a process, or kernel mode debugging of a computer. This installment goes over the commands used to diagnose a Critical Section hang in a user mode application. We start with an overview of the four synchronization primitives and then delve deep in to temporary hangs, orphaned Critical Sections and deadlocks. We use these commands: ~*k ~*kv ~ ~~[TID]s !cs !cs <pointer> !locks Make sure you watch Defrag Tools Episode #1 and Defrag Tools Episode #23 for instructions on how to get the Debugging Tools for Windows and how to set the required environment variables for symbols and source code resolution.

Première diffusion : 21 janvier 2013

S1 E25 • WinDbg - Events

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen continue looking at the Debugging Tools for Windows (in particular WinDbg). WinDbg is a debugger that supports user mode debugging of a process, or kernel mode debugging of a computer. This installment goes over the commands used to diagnose an Event hang in a user mode application. We talk about single and multiple event hangs, automatic and manual events, waitable object handles and common design patterns that you will encounter. We use these commands: ~*k ~*kv ~ ~~[TID]s dp <addr> !handle !handle <handle> <mask> .dumpdebug !uniqstack !findstack <text> Make sure you watch Defrag Tools Episode #1 and Defrag Tools Episode #23 for instructions on how to get the Debugging Tools for Windows and how to set the required environment variables for symbol and source code resolution.

Première diffusion : 28 janvier 2013

S1 E26 • WinDbg - Semaphores, Mutexes and Timers

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen continue looking at the Debugging Tools for Windows (in particular WinDbg). WinDbg is a debugger that supports user mode debugging of a process, or kernel mode debugging of a computer. This installment goes over the commands used to diagnose Semaphores, Mutexes and (Waitable) Timers in a user mode application. For timers, we delve deep in to the kernel to gather more information about them. We use these commands: !handle !handle <handle> <mask> !object <name> !object <addr> !timer !timer <addr> ub @rip dt nt!_KTHREAD <addr> Make sure you watch Defrag Tools Episode #1 and Defrag Tools Episode #23 for instructions on how to get the Debugging Tools for Windows and how to set the required environment variables for symbol and source code resolution.

Première diffusion : 4 février 2013

S1 E27 • WinDbg - Configure Kernel Debugging

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen continue looking at the Debugging Tools for Windows (in particular WinDbg). WinDbg is a debugger that supports user mode debugging of a process, or kernel mode debugging of a computer. This installment goes over the cables and configuration steps required to set up kernel mode debugging. We use these BCDEdit commands: bcdedit bcdedit /dbgsettings bcdedit /dbgsettings 1394 channel:42 bcdedit /dbgsettings net hostip:192.168.0.10 port:50000 key:a.b.c.d bcdedit /debug on bcdedit /debug off In the debug session, we use these commands: .crash .dump /f lm !lmi .reload /f !drvobj !drvobj <module> 2 bl bc * be <N> bd <N> bp <function> bm <wildcard> x <wildcard> g Make sure you watch Defrag Tools Episode #1 and Defrag Tools Episode #23 for instructions on how to get the Debugging Tools for Windows and how to set the required environment variables for symbol and source code resolution.

Première diffusion : 11 février 2013

S1 E28 • WinDbg - Scheduling

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen continue looking at the Debugging Tools for Windows (in particular WinDbg). WinDbg is a debugger that supports user mode debugging of a process, or kernel mode debugging of a computer. This installment goes over the Windows Scheduler. We look at Running, Ready and Waiting threads, and talks about the effect of Power Management on scheduling. We use these commands: !running !running -t !ready !dpcs !thread <addr> 17 !thread -1 17 (current thread) Make sure you watch Defrag Tools Episode #1 and Defrag Tools Episode #23 for instructions on how to get the Debugging Tools for Windows and how to set the required environment variables for symbol and source code resolution.

Première diffusion : 18 février 2013

S1 E29 • WinDbg - ETW Logging

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen continue looking at the Debugging Tools for Windows (in particular WinDbg). WinDbg is a debugger that supports user mode debugging of a process, or kernel mode debugging of a computer. This installment goes over the Event Tracing for Windows (ETW) buffers in a kernel mode dump or live session. The ETW buffers can be extracted from the dump and viewed using the Windows Performance Toolkit (WPT). The buffers give you insight in to what has beem happening recently on the computer. We use these commands: !wmitrace.strdump !wmitrace.logsave 0xNN c:example.etl !wmitrace.eventlogdump 0xNN !wmitrace.help Make sure you watch Defrag Tools Episode #1 and Defrag Tools Episode #23 for instructions on how to get the Debugging Tools for Windows and how to set the required environment variables for symbol and source code resolution. This episode shows how install the Windows Performance Toolkit.

Première diffusion : 25 février 2013

S1 E30 • MCTS Windows Internals

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen review MCP exam 70-660 - MCTS Windows Internals.

Première diffusion : 4 mars 2013

S1 E31 • ZoomIt

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen walk you through Sysinternals ZoomIt. ZoomIt is a screen zoom and annotation tool for technical presentations that include application demonstrations. ZoomIt runs unobtrusively in the tray and activates with customizable hotkeys to zoom in on an area of the screen, move around while zoomed, and draw on the zoomed image.

Première diffusion : 11 mars 2013

S1 E32 • Desktops

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen walk you through Sysinternals Desktops. Desktops allows you to organize your applications on up to four virtual desktops. We go under the covers and show how Desktops fits in to the Session, Window Station and Desktop object/security model. ** I didn't do a great job explaining Sessions/Window Stations/Desktops -- If you want to know about those concepts in detail, I suggest you watch Sysinternals Primer: Gems instead.

Première diffusion : 18 mars 2013

S1 E33 • CLR GC - Part 1

In this episode of Defrag Tools, Andrew Richards, Maoni Stephens and Larry Larsen walk you through the CLR Garbage Collector. Maoni is the Principal developer for the GC on the CLR team.

Première diffusion : 25 mars 2013

S1 E34 • CLR GC - Part 2

In this episode of Defrag Tools, Andrew Richards, Maoni Stephens and Larry Larsen continue walking you through the CLR Garbage Collector. Maoni is the Principal developer for the GC on the CLR team.

Première diffusion : 2 avril 2013

S1 E35 • CLR GC - Part 3

In this episode of Defrag Tools, Andrew Richards, Maoni Stephens and Larry Larsen continue walking you through the CLR Garbage Collector. Maoni is the Principal developer for the GC on the CLR team.

Première diffusion : 8 avril 2013

S1 E36 • CLR GC - Part 4

In this episode of Defrag Tools, Andrew Richards, Maoni Stephens and Larry Larsen continue walking you through the CLR Garbage Collector - specifically PerfView. Maoni is the Principal developer for the GC on the CLR team.

Première diffusion : 15 avril 2013

S1 E37 • JavaScript - Part 1

In this episode of Defrag Tools, Andrew Richards, Amanda Silver and Larry Larsen start walking you through the debugging of JavaScript Windows Store applications with Visual Studio. Amanda is a Principal developer for the JavaScript engine used in Internet Explorer, Windows Store applications and Visual Studio.

Première diffusion : 22 avril 2013

S1 E38 • JavaScript - Part 2

In this episode of Defrag Tools, Andrew Richards, Amanda Silver and Larry Larsen continue walking you through the debugging of JavaScript Windows Store applications with Visual Studio. Amanda is a Principal developer for the JavaScript engine used in Internet Explorer, Windows Store applications and Visual Studio.

Première diffusion : 29 avril 2013

S1 E39 • Windows Performance Toolkit

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen starting walking you through the Windows Performance Toolkit (WPT).

Première diffusion : 6 mai 2013

S1 E40 • WPT - WPR & WPA

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen continue walking you through the Windows Performance Toolkit (WPT).

Première diffusion : 13 mai 2013

S1 E41 • WPT - Command Line