Category Archives: Development

SysInternals – ProcExp

If there was one of these tools that would make you drool, then this would be it. ProcExp is a process explorer that gives you all sorts of details about the jobs running on your system. After running it the first time, right click on the column bars and pick “Select Columns”, then add a few more useful columns. The most useful of these would be Path, which shows the disk location the exe or dll launched from. Version is also useful, you may find more that have meaning for you.[Picture of ProcMon basic view.]

Next, select View, Show Lower Pane. Then select View, Lower Pane View, and pick DLLs. OK, now here’s something really cool, especially for you .Net developers. See the image above, there are two processes that are highlighted in yellow. The yellow (and these colors are customizeable) indicates this is a .Net application. You can see I have two .Net apps, RSSBandit and PaintDotNet. Click on one of the yellow bars (in this case I picked PaintDotNet). You’ll see the lower pane populate, as in the picture below.

[Pic of ProcMon with it's lower panel showing some useful information.]

What you are seeing is a long list of all the DLLs loaded by your app. Way cool huh? You can see all the dependencies needed by your (or someone elses) program. Cool, but there’s more! Double click on the app line (again, the yellow line with PaintDotNet).

[Pic of dialog showing more information about the application you clicked on.]

You can see a new dialog with detailed info about the program. You can kill off the program, or bring it to the foreground. There’s lots of tabs you can click on, I’ll highlight a couple of the most useful ones. Click on the Performance Graph tab.

[Picture: Try not to drool as you look at this useful graph.]

This produces graphs similar to the ones Task Manager gives you, only this is targeted at just this particular app. Great tool for monitoring your program, looking at memory usage, CPU usage, etc. The Performance tab gives you similar information, only in a textual view.

Now go click on the .Net tab. You can see a list of the AppDomains. Click on the drop down (shown below) and you can see a list of the various performance counters you can view.

[Picture: Your like a kid at Christmas as you look over all the stats you can dig out of your .Net app.]

Lots of great info in this area, below I’ve pasted the Memory stats, just to give you an idea.

[Picture: Shows you just how much memory your app really needs.]

There’s more info to be found here than I can describe in this brief blog post. Take some time, dive in and look around. This tool can really assist you in determining the impact your application will have on the target system.

SysInternals – Two Monitor Programs

Nov. 9th Update:Microsoft has completed the merger of SysInternals into it’s internal TechNet area. Along with that they’ve renamed the old Process Monitor to Process Explorer. They have a new Process Monitor tool that combines the functionality of the two tools I mention below. Both tools below are still available, but you should also take a look at the new Process Monitor to see if it will better suit your needs.


How many times have you watched your hard drive light flicker and wondered “What the heck is banging my hard disk?” Well FileMon will help you figure this out. FileMon simply displays all the applications that are accessing your drives.

[Picture of FileMon.]

As you can see in the sample above, you can monitor all the items that are reading and writing to your disks. You can use filters in case there’s a particular program or programs you are interested in. The filters are nice in that you can use either includes (I only want to see…) or excludes (I want to see everything but…). Additionally you can save the output to a log so you can analyze it later.

Along the same lines is RegMon. RegMon is a Registry Monitor that will give you info on what is accessing your registry. Like FileMon there are filters and logging capability.

[Picture of RegMon.]

Two great monitoring tools to help you with debugging, and like all the SysInternals tools, free for the taking.

SysInternals – BgInfo

I work in a lot of Virtual PCs and remotely controlled pc’s via Remote Desktop. It’s gets confusing at times determining which PC I’m working in, especially when I step away for more coffee/hot tea or am interrupted.

BgInfo has really helped with this issue. It takes your current desktop (in my example I just have a plain black background) and overlays current system info, as is seen on my desktop below.

[Picture of my desktop with BgInfo's information on it.]

You can pick and choose the details you want to display, and reorder them in any order you want, using the interface.

[Picture of BgInfo's configuration screen.]

You can also configure BgInfo to run at every startup, or launch it at your convienience. In my normal day to day setup I selected half a dozen of the most useful items to display, but for my example above I left everything in.

Again, a very useful tool if you are in and out of virtual or remotely controlled machines every day.

SysInternals – Contig

Along the same lines as PageDefrag is Contig. Contig is a command line utility that will allow you to defrag a single file or group of files, instead of having to defragment your entire disk. Here’s the command line help:

Contig v1.53 - Makes files contiguous
Copyright (C) 1998-2006 Mark Russinovich Sysinternals - http://www.sysinternals.com

Contig is a utility that relies on NT's built-in defragging support to make a specified file contiguous on disk. Use it to optimize execution of your frequently used files.
Usage:
contig [-v] [-a] [-s] [-q] [existing file]
or contig [-v] -n [new file] [new file length]
-v: Verbose
-a: Analyze fragmentation
-q: Quiet mode
-s: Recurse subdirectories

Usage is pretty simple, just type in Contig followed by the file (or file spec, such as *.mdb) you wish to defragment. This can be useful if you have some larger database files or other files to process that are running slowly. Use contig prior to running your large jobs and you’ll see a nice speed boost.

Also useful if you just want to see if your file is fragmented, just add the –a switch prior to the file name and it will tell you how many pieces your file is fragmented into.

Note, with all these tools you use at your own risk. Always make sure to backup important files prior to running any of these tools on them.

SysInternals – PageDefragmentor

Next up is another startup tool, PageDefrag. As we all know, Windows relies heavily on it’s PageFile.Sys to manage memory. When your pagefile gets fragmented, performance can really take a hit.

Page Defrag will let you tell windows to defrag your system files the next time you boot, or everytime you boot. As you can see below my pagefile is not fragmented, but you might be surprised by yours. Give it a try, you might be startled at the performance boost you get.

[Picture of PageDefrags user interface.]

SysInternals

Scott Hanselman (http://www.hanselman.com/blog/) recently got with Carl Franklin (http://www.intellectualhedonism.com/) on Dot Net Rocks Episode 35 (http://www.dnrtv.com/default.aspx?showID=35) for an hour long presentation on the great tools from SysInternals (http://www.sysinternals.com/).

SysInternals is a collection of freeware tools that allows you to extract some really great info from the Windows OS, or adds some nifty extra utilities. If you don’t have an hour to invest right now, or are bandwidth impaired, I thought it’d be useful to spend a few blog posts talking about these tools.

One great feature of all the SysInternals tools is that none of them require installation. They can all be run without leaving footprints on the host system. I keep them on my USB thumb drive, so I can quickly and easily diagnose issues on users PCs.

A quick note, the parent company of SysInternals is WinTernals. WinTernals was recently purchased by Microsoft (shows you how cool the tools were). Soon many of the WinTernals / SysInternals tools will have Microsoft labels on them. Microsoft has pledged that SysInternals tools will continue to be free. Check the SysInternals blog for updates on the tools as time goes by.

To start things off, we’ll talk about a tool that helps you with your computer’s start up. Autoruns lets you examine everything that your computer launches. You can look at everything at once, or handy tabs let you look at it by category.

[Picture of AutoRuns user interface.]

Clicking on an item will populate the window with info about that item:

[Picture of the information area of the window.]

Want to learn more about an item? Right click on it, and select Google from the menu. Autoruns will launch a Google search in your browser of choice on the program in question, letting you learn more about it, to determine if you actually need this piece of software to load in your system.

If you decide you don’t want it, simply uncheck the box. Next time you boot that particular software won’t load. Discover you need it? No problem, simply launch Autoruns again and check it on, reboot and all is well. Autoruns preserves all of the settings you had on the auto launch so it can easily be restored.

If you happen to have the SysInternals Process Explorer tool (I’ll blog about this shortly) you can actually see how much memory, etc. the particular item is taking up.

I like this tool, it’s simple, and focuses on one thing, controlling what starts automatically on your pc. Easy to use, and it’s free!

Virtual PC and Laptops

It’s been a crazy week here in the land of Arcane Code. Lots of traveling during a business trip, then the mad rush to take care of all the issues that arose while I was gone. I wanted to share a quick tip with you, now that you’ve had a chance to install and use Virtual PC.

If you run VPC on a laptop, as I do, you may have noticed some weird quirks especially when your laptop goes into Hibernate mode. Mostly the VPC becomes unresponsive, or in my case the main screen quits updating. Oddly enough the tiny icon window inside the VPC Console updates fine, but the big window doesn’t. Go figure.

Microsoft released a HotFix for this, but it didn’t get a lot of publicity. I found it buried in Virtual PC Guy’s weblog (http://blogs.msdn.com/virtual_pc_guy/archive/2006/07/13/662538.aspx). Since it’s brief I’ll regurgitate it here, in case you are a cautious type about link clicking.

I think the reason the hot fix is hard to find is because you already have it. Go back to the directory where you exploded the Virtual PC 2004 file. In addition to the Setup.exe, the MSI and INFs you’ll also find a directory called “Laptop Hotfix”.

In this directory is a text file that looks mostly like a license. However, at the top of the file is a link to the knowledge base article (http://support.microsoft.com/?kbid=889677) that describes a few of the nasties that this patch repairs.

What’s really important though is the MSP file. Just double click on it to install, and it should patch your system. If you are running a laptop, or regularly use the Hibernate or Standby features of your computer then you need to apply this patch.

I haven’t seen mention of this if you are running Virtual Server 2005, so perhaps they already included the fix there. If someone knows otherwise feel free to leave a comment.