Oct 6 2009 9:29PM GMT
Posted by: Nathan Simon
Tags: sysinternals, live.sysinternals.com, microsoft, msdart, process monitor, procdump, Windows 7 support, Windows 7, Windows XP, Windows Server 2003, Windows Server 2008, temporary registry profiles
New Updates to the Sysinternals Suite
Process Monitor v2.7
This update to Process Monitor, a system monitoring utility, adds a new option to the process tree dialog that directs it to show just the timeline for displayed events, uses kernel-based thread profiling on Vista and higher for better performance, and includes a number of minor fixes and enhancements.
ProcDump v1.5
ProcDump now includes a new switch that enables the creation of a process dump upon process termination, which can help with troubleshooting unexpected process termination. It also fixes a bug where the -ma switch wouldn’t generate a full dump when combined with -r, the Windows 7-specific process reflection switch.
If you want to download these apps, go to the Sysinternals Live site or go here for the whole updated package.
Posted in August and definitely worth a read:
Mark’s Blog: The Case of the Temporary Registry Profiles
In the latest post in Mark’s “Case of the Unexplained” series, he documents a perplexing case affecting many Microsoft and Citrix customers that Microsoft Customer Support Services solved with the use of Process Monitor’s boot logging and stack trace features.
Jul 19 2009 6:22PM GMT
Posted by: Nathan Simon
Tags: sysinternals, Windows Vista, Windows Server 2008, Autoruns, psexec, procdump, psloglist, microsoft
There have been a lot of updates since I last blogged about this awesome set of tools; among them are updates to ProcDump, Autoruns, and PsLogList. The full details are here.
Another thing to mention is that Mark and David released the 5th Edition of their book, titled “Windows Internals 5th Edition”. You can check out the details here also. Here is a small excerpt from their site.
Delve inside Windows architecture and internals:
- Understand how the core system and management mechanisms work—from the object manager to services to the registry
- Explore internal system data structures using tools like the kernel debugger
- Grasp the scheduler’s priority and CPU placement algorithms
- Go inside the Windows security model to see how it authorizes access to data
- Understand how Windows manages physical and virtual memory
- Tour the Windows networking stack from top to bottom—including APIs, protocol drivers, and network adapter drivers
- Troubleshoot file-system access problems and system boot problems
- Learn how to analyze crashes
Jan 7 2009 1:08AM GMT
Posted by: Nathan Simon
Tags: Microsoft Windows, Autoruns, services, logon, sysinternals
This update includes a cool new option, Hide Microsoft and Windows Entries!
To use this, start Autoruns (link to follow), then click on Options, then “Hide Microsoft and Windows Entries”. This option makes it much easier to sort through all the apps and services loading on your system. You know that what is remaining definitely isn’t verified by Microsoft, as this app is made by Microsoft employees!
Run Autoruns now from Live.Sysinternals.com
Aren’t you curious to see what is in your system?
Another feature is to view apps running per user/system. There is also a command line tool, but I’m a GUI fan-boy, so I won’t include the link. If you know what you’re doing, you’ll have no problem finding it on your own.
NS