Winternals Defragmentation, Recovery, and Administration Field Guide

The Only Book for the Leading Winternals Tools Used in Microsoft Networks! Winternals first came to my rescue in November of 1999. It was then that I purchased my Winternals Administrator's Pak. It contained BlueSave Version 1.01, ERD Commander Professional Version 1.06, Monitoring Tools (Filemon and Regmon) Enterprise Editions Version 1.0, NTFSDOS Professional Version 3.03, NTRecover Version 1.0, and Remote Recover Version 1.01. We had a Windows NT 4 server in the dead zone. I spent a few hours reading over the ERD and Remote Recover user guides, created a "client floppy," and began my quest. Thank goodness that version of ERD had the ability to access NT-defined fault-tolerant drives. Within a few hours we had recovered the system and were back up and running. With that success, I thought back on hundreds of earlier incidents that made me wish I had purchased Winternals sooner. We have come a long way since then; the Winternals team has improved upon and added many tools and features to the Administrator's Pak utilities. One thing remains constant-in the Microsoft administrator's world, Winternals is a lifesaver.-from the Foreword by Dave Kleiman Master ERD Commander 2005 Use the ERD Commander to make a boot disk, run the Locksmith, remove hotfixes, access restore points, and more. Explore Process Activity with Process Explorer Use Autoruns and Process Explorer together to troubleshoot startups and combat malware. View the Security Settings of Your Computer Use the various Winternals tools to monitor users and shared resources, investigate suspicious local files, and search for installed rootkits. Use Sysinternals Tools to Monitor Active Sessions Use FileMon to view all file activity and Regmon to view all Registry activity. Integrate with Windows' System Programs Manage disk fragmentation, get extended file/disk information, and manage disk utilization. Perform Data Recovery Recover data across a network, recover files, and restore lost active directory data. Troubleshoot System Failures Make sense of a Windows crash, identify errant drivers, detect problematic file and registry accesses, and more. Monitor Connections with TCPTools View active network connections and identify problematic network applications using TCPView and TDIMon. Optimize NT 4.0 Systems Extend the Life of NT 4 systems using CacheSet, Contig, PMon, and Frob.