These are a few of my favorite things… (Part 3)

Just some more junk that I use quite a bit that I would share with others in case it can be useful in the wild...

Part 1

Part 2 



I've mentioned setting IFEO before but here is the real short way to do it form the command prompt: 

Gflags /P /enable notepad.exe /debug “c:\debuggers\cdb –g –G”

UMDH to find memory leaks:

UMDH is a Good utility to track down memory leaks in your app if you notice they are eating up lots of it.  Before you can use UMDH you must enable stack tracing which can be done via: "gflags –I <appname.exe> +ust"  Once set, then you can restart the app and start capturing.  Don’t forget to set the NT_SYMBOL_PATH otherwise you will not get lines info from your app.


UMDH –p:3480 > snap1.txt //takes the first snapshot of the process and stacks


UMDH –p:3480 > snap2.txt //takes another snapshot

(Now we see the differences)

UMDH –v snap1.txt snap2.tx > diff.txt //Compare the two

And then for the lazy,we have the UMDH autoloop.  This one sleeps for 15 minutes between snapshots.

for /l %i in (1,1,100) do (umdh -p:<PID> -d -l -f:umdh%i.txt & sleep 900)


LiveKD allows you to run KD.exe locally on a live system. Execute all the debugger commands that work on crash dump files to look deep inside the system.  Of course you cant set breakpoints and the like in a live KD session or the machine would halt.  I like to use LiveKD when I cant crash dump a server (to see the kernel space offline).  So I can attach LiveKD to the system and then do a .dump <file_name> which I can then use offline to view the kernel space.  It's a nice thing to have in your toolbox when you're in a jam. 

I haven't been able to get it to run on my Vista x64 system more than likely because it might shim on an untrusted driver and Vista doesn't allow you to do that anymore.



Ever find yourself looking in Perfmon and you are missing some performance counters?  Well this is the tool to re-register those counters quickly and then get on with your work.  You can find what dlls are not registered currently and can check the box to register them and be done with it.  Or you can view it by performance counter and find the one that is missing.


Finding stale computer accounts in AD the easy way...

Use DSQUERY first then DSRM covered well here.

DSQUER Computer /?

-inactive <NumWeeks>        Finds computers that have been inactive (stale)
                            for at least <NumWeeks> number of weeks.
-stalepwd <NumDays>         Finds computers that have not changed their
                            password for at least <NumDays> number of days.
-disabled                   Finds computers with disabled accounts.


Snipping tool to capture screen shots

I do like this tool quite a bit, if you're on Vista you can just launch the snipping tool and then cut out the piece of the screen that is of interest to you and save ti right there, or send it in e-mail.

•Free-form Snip.  Draw an irregular line, such as a circle or a triangle, around an object.

•Rectangular Snip.  Draw a precise line by dragging the cursor around an object to form a rectangle.

•Window Snip.  Select a window, such as a browser window or dialog box, that you want to capture.

•Full-screen Snip.  Capture the entire screen when you select this type of snip.

When doing presentations with Live Demos

You have to check out Zoom it.  It's a Sysinternals tool that is awesome when trying to show stuff at the command prompt for a presentation. 

ZoomIt is screen zoom and annotation tool for technical presentations that include application demonstrations. ZoomIt runs unobtrusively in the tray and activates with customizable hotkeys to zoom in on an area of the screen, move around while zoomed, and draw on the zoomed image. I wrote ZoomIt to fit my specific needs and use it in all my presentations.

ZoomIt works on all versions of Windows and you can use pen input for ZoomIt drawing on tablet PCs.

Getting rid of VBscript pop-ups

I hate running a script at the command prompt and the results come back in a popup don't you?  Changes the default script host to CScript.exe and all results will come back in the command prompt.

C:\Windows\system32>cscript //H:CScript
Microsoft (R) Windows Script Host Version 5.7
Copyright (C) Microsoft Corporation. All rights reserved.

The default script host is now set to "cscript.exe".

Luke... Use the tab key... the command prompt.  This one is for the typists who lack the dexterity to always type a line out correctly *cough me cough*.  I think this might be on by default now, but if not you can click "Defaults" on the command prompt file menu and then choose "AutoComplete.  Say I want to run tracelog.exe which is in the c:\debuggers\tracing directory.  Well I could type it all out or I can just hit c:\d <tab> t <tab> trac <tab> and I'm done. 

Another nice thing is if you hit tab too quickly, you can hit shift-tab to go back to the one before.  Just another way to make life easier at the command prompt.


Technorati tags: , ,

Comments (1)

  1. Christian says:

    Thanx to your instructions, I just got a VBS output into CMD (and so in a text file :-))!

    So thank you for sharing this nice tip!



Skip to main content