In this week’s Top Picks from TechEd 2013, we have selected some sessions from Microsoft Technical Fellow Mark Russinovich. Mark is consistently rated one of the top speakers at every event he presents at. His technical skill is unmatched, but he is also a funny and engaging speaker. Neither of the sessions below will disappoint.
Case of the Unexplained – Windows Troubleshooting
The master of Windows troubleshooting walks you step by step through how he has solved seemingly unsolvable system and application problems on Windows. With all-new real case studies, Mark shows how to apply the Microsoft Debugging Tools and his own Sysinternals tools, including Process Explorer and Process Monitor, to solve system crashes, process hangs, security vulnerabilities, DLL conflicts, permissions problems, registry misconfiguration, network hangs, and file system issues. These tools are used on a daily basis by Microsoft Product Support and have been used effectively to solve a wide variety of desktop and server issues, so being familiar with their operation and application will assist you in dealing with different problems on Windows.
License to Kill: Malware Hunting with the Sysinternals Tools
This session provides an overview of several Sysinternals tools, including Process Monitor, Process Explorer, and Autoruns, focusing on the features useful for malware analysis and removal. These utilities enable deep inspection and control of processes, file system and registry activity, and autostart execution points. You will see demos of their malware-hunting capabilities through several real-world cases that used the tools to identify and clean malware, and the session concludes with a live analysis of a Stuxnet infection’s system impact.
Check back here next week. We’ll have another episode of Top Picks from TechEd 2013.
Written by Keith Combs, Microsoft Server and Tools