Windows Sysinternals Administrator's Reference


Get in-depth guidance—and inside insights—for using the Windows Sysinternals tools available from Microsoft TechNet. Guided by Sysinternals creator Mark Russinovich and Windows expert Aaron Margosis, you’ll drill into the features and functions of dozens of free file, disk, process, security, and Windows management tools. And you’ll learn how to apply the book’s best practices to help resolve your own technical issues the way the experts do.

Diagnose. Troubleshoot. Optimize.

  • Analyze CPU spikes, memory leaks, and other system problems
  • Get a comprehensive view of file, disk, registry, process/thread, and network activity
  • Diagnose and troubleshoot issues with Active Directory
  • Easily scan, disable, and remove autostart applications and components
  • Monitor application debug output
  • Generate trigger-based memory dumps for application troubleshooting
  • Audit and analyze file digital signatures, permissions, and other security information
  • Execute Sysinternals management tools on one or more remote computers
  • Master Process Explorer, Process Monitor, and Autoruns

Product Details

  • ISBN-13: 9780735656727
  • Publisher: Microsoft Press
  • Publication date: 7/21/2011
  • Pages: 494
  • Sales rank: 230,036
  • Product dimensions: 7.40 (w) x 8.90 (h) x 1.30 (d)

Meet the Author

Mark Russinovich is a Technical Fellow in the Windows Azure group at Microsoft. He is coauthor of Windows SysInternals Administrator’s Reference, co-creator of the Sysinternals tools available from Microsoft TechNet, and coauthor of the Windows Internals book series. Aaron Margosis is a Principal Consultant with Microsoft Public Sector Services. He specializes in application development on Windows platforms, with a focus on security, least privilege, and compatibility in locked-down environments.


Table of Contents

  • Foreword
  • Introduction
  • Tools the Book Covers
  • The History of Sysinternals
  • Who Should Read This Book
  • Organization of This Book
  • Conventions and Features in This Book
  • System Requirements
  • Acknowledgments
  • Errata & Book Support
  • We Want to Hear from You
  • Stay in Touch
  • Getting Started
  • Chapter 1: Getting Started with the Sysinternals Utilities
      1.1 Overview of the Utilities; 1.2 The Windows Sysinternals Web Site; 1.3 Sysinternals License Information
  • Chapter 2: Windows Core Concepts
      2.1 Administrative Rights; 2.2 Processes, Threads, and Jobs; 2.3 User Mode and Kernel Mode; 2.4 Handles; 2.5 Call Stacks and Symbols; 2.6 Sessions, Window Stations, Desktops, and Window Messages
  • Usage Guide
  • Chapter 3: Process Explorer
      3.1 Procexp Overview; 3.2 Main Window; 3.3 DLLs and Handles; 3.4 Process Details; 3.5 Thread Details; 3.6 Verifying Image Signatures; 3.7 System Information; 3.8 Display Options; 3.9 Procexp as a Task Manager Replacement; 3.10 Miscellaneous Features; 3.11 Keyboard Shortcut Reference
  • Chapter 4: Process Monitor
      4.1 Getting Started with Procmon; 4.2 Events; 4.3 Filtering and Highlighting; 4.4 Process Tree; 4.5 Saving and Opening Procmon Traces; 4.6 Logging Boot, Post-Logoff, and Shutdown Activity; 4.7 Long-Running Traces and Controlling Log Sizes; 4.8 Importing and Exporting Configuration Settings; 4.9 Automating Procmon: Command-Line Options; 4.10 Analysis Tools; 4.11 Injecting Debug Output into Procmon Traces; 4.12 Toolbar Reference
  • Chapter 5: Autoruns
      5.1 Autoruns Fundamentals; 5.2 Autostart Categories; 5.3 Saving and Comparing Results; 5.4 AutorunsC; 5.5 Autoruns and Malware
  • Chapter 6: PsTools
      6.1 Common Features; 6.2 PsExec; 6.3 PsFile; 6.4 PsGetSid; 6.5 PsInfo; 6.6 PsKill; 6.7 PsList; 6.8 PsLoggedOn; 6.9 PsLogList; 6.10 PsPasswd; 6.11 PsService; 6.12 PsShutdown; 6.13 PsSuspend; 6.14 PsTools Command-Line Syntax; 6.15 PsTools System Requirements
  • Chapter 7: Process and Diagnostic Utilities
      7.1 VMMap; 7.2 ProcDump; 7.3 DebugView; 7.4 LiveKd; 7.5 ListDLLs; 7.6 Handle
  • Chapter 8: Security Utilities
      8.1 SigCheck; 8.2 AccessChk; 8.3 AccessEnum; 8.4 ShareEnum; 8.5 ShellRunAs; 8.6 Autologon; 8.7 LogonSessions; 8.8 SDelete
  • Chapter 9: Active Directory Utilities
      9.1 AdExplorer; 9.2 AdInsight; 9.3 AdRestore
  • Chapter 10: Desktop Utilities
      10.1 BgInfo; 10.2 Desktops; 10.3 ZoomIt
  • Chapter 11: File Utilities
      11.1 Strings; 11.2 Streams; 11.3 NTFS Link Utilities; 11.4 DU (Disk Usage); 11.5 Post-Reboot File Operation Utilities
  • Chapter 12: Disk Utilities
      12.1 Disk2Vhd; 12.2 Diskmon; 12.3 Sync; 12.4 DiskView; 12.5 Contig; 12.6 PageDefrag; 12.7 DiskExt; 12.8 LDMDump; 12.9 VolumeID
  • Chapter 13: Network and Communication Utilities
      13.1 TCPView; 13.2 Whois; 13.3 Portmon
  • Chapter 14: System Information Utilities
      14.1 RAMMap; 14.2 CoreInfo; 14.3 ProcFeatures; 14.4 WinObj; 14.5 LoadOrder; 14.6 PipeList; 14.7 ClockRes
  • Chapter 15: Miscellaneous Utilities
      15.1 RegJump; 15.2 Hex2Dec; 15.3 RegDelNull; 15.4 Bluescreen Screen Saver; 15.5 Ctrl2Cap
  • Troubleshooting—“The Case of the Unexplained...”
  • Chapter 16: Error Messages
      16.1 The Case of the Locked Folder; 16.2 The Case of the Failed AV Update; 16.3 The Case of the Failed Lotus Notes Backups; 16.4 The Case of the Failed Play-To; 16.5 The Case of the Crashing Proksi Utility; 16.6 The Case of the Installation Failure; 16.7 The Case of the Missing Folder Association; 16.8 The Case of the Temporary Registry Profiles
  • Chapter 17: Hangs and Sluggish Performance
      17.1 The Case of the IExplore-Pegged CPU; 17.2 The Case of the Excessive ReadyBoost; 17.3 The Case of the Slow Keynote Demo; 17.4 The Case of the Slow Project File Opens; 17.5 The Compound Case of the Outlook Hangs
  • Chapter 18: Malware
      18.1 The Case of the Sysinternals-Blocking Malware; 18.2 The Case of the Process-Killing Malware; 18.3 The Case of the Fake System Component; 18.4 The Case of the Mysterious ASEP
  • About the Authors


Customer Reviews

  • Posted February 28, 2012

    Useful book and tools

    I have used the Sysinternals tools for years but have never fully understood their full power. This book finally gives you a single source to understand the how and why's of the Sysinternals tools design and implementation, as well as all the options available.

    I wish I had had this book years ago.

  • Posted July 27, 2011

    A must have for net admins

    Russinovich, a Microsoft Fellow, is the SysInternals Authority. The Sysinternals Suite offers administrators and end-users detailed tools to help diagnose system issues, hardware utilization, malware, etc.
