Browse by Tags
All Tags »
Debugging »
Vista and Lognhorn (RSS)
Backstory: With the advent of Windows Vista there are changes made in how the operating system determines if it can take a kernel memory dump or not. Starting in Vista the amount of memory allocated for kernel mode could vary dynamically . If the pagefile
Read More...
You might find yourself debugging an issue and a thread you are interested in is paged out. Here's the steps to use to page in the stack for the kernel side and user side... Be careful when doing this on a live machine that you want to release after debugging
Read More...
Ran into another issue today where I needed to set and IFEO for the particular instance of SVCHOST.exe running terminal service. Here is the easiest way of doing so: 1) Make a copy of SVCHOST.exe on the server, name it Mysvchost.exe and leave it in %Systemroot%\system32\
Read More...
Some might call me a control freak, but when I have the opportunity to investigate a machine myself or provide instructions via the phone/mail to the end-user you know what I'm going to choose. One of the easier ways that I find is to use remote.exe which
Read More...
Ran into a case today where each time we tried to start sidebar.exe it would fail silently. No crash to investigate, no error, so where to next? First I set an IFEO for sidebar.exe to launch windbg.exe when started, by doing this it stops at the initial
Read More...
