Coolthing Of Theday

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Friday, 3 May 2013

And it does Windows too... Using Process Monitor to solve [nearly] any problem...

Posted on 17:25 by Unknown

benjamin perkins - Using Process Monitor to solve any problem, including DebugDiag

I attended TechReady15 and took part in a session from Mark Russinovich, the creator of Process Monitor and many if not all of the System Internals tools.  He mentioned that there is no problem which Process Monitor cannot be used to help resolve. I put that to the test when I received the error message, Figure 1, from DebugDiag while trying to analyze a memory dump.

image

Figure 1, DebugDiag error, ShellExecute failed to display the report.  The returned code was 2.

I started up Process Monitor and reproduced the issue.  In the amount of time it took to reproduce the error, Process Monitor had logged 100,000s of events.  No problem, this is where the filtering comes in handy.  Figure 2 illustrates the filter I used to reduce the events to just those used by the DebugDiag process.  You can get to the filter window by clicking on the filter icon, circled in red in Figure 2, selecting Filter -> Filter… or by pressing CTRL + L.

...

Not bad, I have been able to reduce the number of events from half a million to 17.  By default, User Name is not added to the column list.  Right-click on the column and I can see which credentials are being used and are receiving the ACCESS DENIED error.  I was using my own credentials which did not have the required rights to create the required files.

Solution

I opened DebugDiag as an administrator as shown in Figure 5 and the issue did not happen anymore.

Figure 4, DebugDiag, Run as administrator

I recommend adding Process Monitor to your skill set as you can troubleshoot and resolve a lot of problems with it…even on your own machine…

image

Nice kind of recursive example of using Processing Monitor to debug a debug tool...

 

Related Past Post XRef:
The “Windows Sysinternals Primer: Process Explorer, Process Monitor, and More” from TechEd 2010 North America
Sysinternals 101 – “Notes from the field,” a quick intro to a few Sysinternals utilities (Process Explorer, TCPView, Process Monitor, VMMap)
Hands On Learning How to Use the Sysinternals Process Monitor Utility

Use the Sysinternals Utilities? The EULA bug dialog you? Then try this…

Sysinternals Update Day – Including new major release of Process Monitor (think PM + Network Monitoring = v2)
It’s a new Sysinternals Tool Day! RAMMap v1.0 released
New Sysinternals utility released today, Disk2vhd v1.0 – Yes, creating a VHD from a physical hard drive, even an online one, is now a couple clicks away…

The latest Sysinternals utilities are just a URL away, Live.Sysinternals.com
A handy PowerShell script to keep your Sysinternals Suite up to date

It's a sweet suite! Windows Sysinternals Suite gets a summer refresh [August 3, 2012]...
Sysinternals Suite 2010 Refreshed - All the latest versions, one 12.4MB zip…
Sysinternals Suite Refreshed – All the latest Sysinternals Utilities, one tiny zip (well 10MB zip…)
Sysinternals Suite (8MB of Complete Sysinternals Goodness)

Email ThisBlogThis!Share to XShare to FacebookShare to Pinterest
Posted in SystemAdministration, Utility, Windows | No comments
Newer Post Older Post Home

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts

  • Mr. 7,000! This is my 7,000th post...
    Before this post; After; 20 visits between taking these snaps? Oh wait, that's probably me searching for past related posts....
  • "Windows Server Essentials Media Pack" (DNLA Stream, HTML5 and Dashboard Media stuff)
    Microsoft Downloads - Windows Server Essentials Media Pack This pack enables the media streaming functionality for Windows Server 2012...
  • Rad Gate Post... Get your Red Gate Post here...
    simple talk - Melanie Townsend - Get a copy of the Red Gate Post We recently put together a newspaper of some of the best articles fr...
  • Windows Management Framework 4.0 (PowerShell 4, PowerShell ISE, Management OData, WMI, etc.) now available
    Keith Hill's Blog - PowerShell 4.0 Now Available You can get PowerShell 4.0 for down level operating systems now via the WMF 4.0 d...
  • Viasfora - Your new favorite Visual Studio Text/*ML Editing Extension?
    Winterdom - Introducing Viasfora A couple of days ago, I unveiled Viasfora , my latest attempt at building a decently packaged extensi...
  • "Windows Server [2012 R2]: The Best Infrastructure to Run Linux Workloads"
    In the Cloud - What’s New in 2012 R2: Enabling Open Source Software Part 4 of a 9-part series . ... There are a lot of great s...
  • [Hardware Review] Life with Haswell... Haswell/Harris Beach Intel SDS Ultrabook Review - Part 2
    "So Greg, how's life with Haswell been?" "Pretty Sweet! (Mostly)" I've been given an opportunity to review t...
  • Fuzzy Lookup Add-In for Excel (Insert lame "Fuzzy, wuzzy was an Excel..." snip here)
    Microsoft Downloads - Fuzzy Lookup Add-In for Excel The Fuzzy Lookup Add-In for Excel performs fuzzy matching of textual data in Exce...
  • Caliburn.Micro v1.5.0 released (CM gets Tasks, Async/Await and Share/Setting for RT... and bug fixes of course)
    Caliburn.Micro - Caliburn.Micro v1.5.0 "Release Notes This release fixes many bugs. It also adds support for Task and async/a...
  • Just about everything you ever wanted to know about SQL Server Date and Time Data Types...
    CodeProject - Date and Time Data Types and Functions - SQL Server (2000, 2005, 2008, 2008 R2, 2012) Introduction It would be bette...

Categories

  • .Net
  • 3DPrinting
  • AFeedYouShouldRead
  • Agile
  • ALM
  • Amazon
  • Amiga
  • Analytics
  • Android
  • ASP.NET
  • Azure
  • BigData
  • bing
  • Blogging
  • Book
  • BookReview
  • BUILD
  • C
  • C#
  • C++
  • Career
  • Cat
  • cheatsheet
  • ClickOnce
  • Cloud
  • ComputerHardware
  • css
  • Data
  • DBA
  • DependencyInjection
  • Deployment
  • Design
  • Development
  • devops
  • DVCS
  • ebook
  • EDD
  • Education
  • EnterpriseLibrary
  • EntityFramework
  • Exchange
  • Expression
  • gadget
  • Game
  • GIT
  • Google
  • Government
  • Hadoop
  • hardware
  • HardwareReview
  • HaswellReview
  • HTML5
  • Humor
  • IE
  • IEExtension
  • IfAllElseFails
  • IIS
  • ILMerge
  • Image
  • Infographic
  • interview
  • InversionOfControl
  • Java
  • Javascript
  • Kinect
  • LightSwitch
  • LINQ
  • Linux
  • LosAngeles
  • Lucene
  • Lync
  • MEF
  • Metro
  • MicrosoftOffice
  • MicrosoftOutlook
  • Mono
  • MVC
  • MVVM
  • NetMon
  • NLP
  • NoSQL
  • NuGet
  • OData
  • OneNote
  • OpenXML
  • Paint.Net
  • Personal
  • Photosynth
  • Physics
  • portable
  • Poster
  • PowerShell
  • Preparedness
  • Presentation
  • Prism
  • PrivateCloud
  • RegEx
  • RemoteDesktop
  • Reporting
  • RIAServices
  • Science
  • ScienceFiction
  • Scratch
  • Scrum
  • ServiceBus
  • SharePoint
  • Silverlight
  • SimiValley
  • SPA
  • Space
  • SQLServer
  • Storyboard
  • Surface
  • SVG
  • SystemAdministration
  • T4
  • TeamBuild
  • TeamFoundationServer
  • TechEd
  • Training
  • TypeScript
  • UnitTesting
  • UnityApplicationBlock
  • Utility
  • Veteran
  • VirtualMachine
  • Visio
  • VisualBasic
  • VisualStudio
  • WCF
  • Web X.X
  • Webcast
  • WebFeed
  • WebMatrix
  • Windows
  • Windows7
  • Windows8
  • Windows8.1
  • WindowsHomeServer
  • WindowsLiveWriter
  • WindowsPhone
  • WindowsServer
  • WinRT
  • WiX
  • WMI
  • WOPI
  • WPF
  • XAML
  • XBox360
  • XboxOne
  • zombie

Blog Archive

  • ▼  2013 (500)
    • ►  December (12)
    • ►  November (61)
    • ►  October (65)
    • ►  September (38)
    • ►  August (47)
    • ►  July (75)
    • ►  June (39)
    • ▼  May (40)
      • Brian (and Infragistics) is having a theme give-aw...
      • MarraLAB for Visual Studio, your new DDE (Debuggin...
      • TechEd Reveal - Looks like BizTalk ain't dead yet....
      • From A to W... The US Gov goes Git (and API crazy ...
      • Windows 8.1 Pre-beta WinRT API Spelunking (Think, ...
      • Edward Farley and the Fantastic Library - A 12 par...
      • SQL Server Database Project SqlBuildTask failing a...
      • Your plate will never be full with all the great G...
      • Go long and thanks for the 1's, 2's and 3's... Lot...
      • Many events, lots of devices, one you and your new...
      • Extended WPF Toolkit gets all v2.0 and now include...
      • Cool Kid Training from Pluralsight, that's free to...
      • Visual Studio ALM Ranger Solutions Catalog - All A...
      • Just the SSMS Mama, just the SSMS... (Getting just...
      • "The database is slow!" Here's a SQL Server Perfor...
      • A little heritage of the BSOD
      • "Hello dotPeek plugin" Creating a dotPeek plugin i...
      • Okay, Okra! Windows Store Templates that make MVVM...
      • GBoD [Geo-distributed Bunch of Data centers] or "U...
      • More on Mission Control (Coding4Fun Style) "A Flex...
      • Because every IDE needs a fart-app, right? Farticu...
      • The NSA Untangles the Web - 651 Pages of NSA Web S...
      • Who needs an App Store when we now have a DevStore...
      • Mission Control to Major...C4F - Coding4Fun Missio...
      • And Data for All... President Obama signs Executi...
      • C#'ing Objective C with Xamarin's new Objective Sh...
      • More Metro... Syncfusion Metro Studio 2 released. ...
      • Visualizing TFS Source History now with more source
      • Go can be more than just a GO (in the T-SQL world ...
      • Prep'ing your Pets, National Animal Disaster Prepa...
      • Sometimes you just need a donut [chart]... Free Mo...
      • And it does Windows too... Using Process Monitor t...
      • Free'ish [reg-ware] Windows 8 QRC (Quick Reference...
      • TFS Web Licensing for Greg's (i.e. dumm... well yo...
      • PII Problems in the Public Enron Data Set (aka "In...
      • WebMatix Gets Azure, Version Control Support, Remo...
      • So long and thanks for all the ghosting... Ghost i...
      • 13 Modules, six weeks, 2 exam preps and a whole lo...
      • Git 101 - Beginners guide to groking [command line...
      • Surface Pro Driver Pack now available
    • ►  April (42)
    • ►  March (39)
    • ►  February (42)
Powered by Blogger.

About Me

Unknown
View my complete profile