AirDate: 12/24/2012
Overview: In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen continue looking at the Debugging Tools for Windows (in particular WinDbg). WinDbg is a debugger that supports user-mode debugging of a process or kernel-mode debugging of a computer. This installment goes over the commands used to show the state of the debug session. It also shows some of the basic commands used to view process and thread information of a user-mode process.

We cover these commands:

version
vertarget
|
||
.sympath
.srcpath
.exepath
.extpath
.chain
!analyze -v
.bugcheck
!error
~
~NNs
~~[TID]s
~*k
~*r
!process 0 17
!threads
!findstack
!uniqstack
!peb
!teb
k= <addr> <addr> <frames>
dps
dpu
dpa
dpp
.reload /f
.reload /user
!gle
!tls

Make sure you watch Defrag Tools Episode #1 for instructions on how to get the Debugging Tools for Windows and how to set the required environment variables for symbols and source code resolution.