Welcome to the first episode of Defrag Tools where Andrew Richards and I will be walking you through the tools we use when troubleshooting Windows PC's. Each week we'll dive into the tools from SysInternals, showing you how to use them along with our best tips and tricks.

In this episode we'll be showing you how to get started by creating a thumb drive that you can use to fix PC's and troubleshoot problems.

In this episode of Defrag Tools, Andrew and I walk you through Sysinternals Process Explorer. Process Explorer is a comprehensive replacement for Task Manager. It allows you to view the details of the processes running on the computer, both at a point in time and historically. The performance graphs allow you to view the CPU, I/O, Memory and GPU usage. Process Explorer can be used to find file locks, loaded DLLs, autostart locations, and many more things.

In this 2 part episode of Defrag Tools, Andrew and I walk you through Sysinternals Process Monitor. Process Monitor allows you to view the File, Registy, Network, Process and Profiling details of the processes running on the computer. The logging allows you to go from a holistic view all the way down to the function in the stack that initiated an event. Process Monitor can be used to troubleshoot nearly all types of issues. As coined by David Solomon - "When in doubt, run Process Monitor".

In this 2 part episode of Defrag Tools, Andrew and I walk you through Sysinternals Process Monitor. Process Monitor allows you to view the File, Registy, Network, Process and Profiling details of the processes running on the computer. The logging allows you to go from a holistic view all the way down to the function in the stack that initiated an event. Process Monitor can be used to troubleshoot nearly all types of issues. As coined by David Solomon - "When in doubt, run Process Monitor".

In this episode of Defrag Tools, Chad and I walk you through Sysinternals Autoruns. We also look at its predecessors: MSConfig and SysEdit. AutoRuns and MSConfig allow you to view and disable autostart entries on the computer. The autostart entries are locations in the registry and file system that can cause applications and DLLs to be automatically run at startup, login, application launch, and at many more registration points in Windows.

In this episode of Defrag Tools, Andrew and I walk you through Sysinternals RAMMap. RAMMap allows you to see how the Physical Memory (RAM) on the computer is being used. You can see how much RAM there is, for what purpose it is being used, and if there has been any memory pressure (not enough memory). We also cover a lot of Memory Management theory to understand the data in RAMMap.

In this episode of Defrag Tools, Andrew and I walk you through Sysinternals VMMap. VMMap allows you to see how the Virtual Memory of a process is being used. You can see how much is used, for what purpose it is being used, and if there has been any memory leaks. Like last week with RAMMap, we cover some Memory Management theory to understand the data in VMMap.

Mark Russinovich joins Andrew Richards and Larry Larsen on this episode of Defrag Tools to talk about the history of Sysinternals, his involvement with the Windows Internals book series and advice on Cybersecurity. Learn about new tools, retired tools and tools that never got completed. Get advice on troubleshooting. Get advice on how to survive a cyber attack. And much much more...

In this 3 part episode of Defrag Tools, Andrew Richards and Larry Larsen walk you through Sysinternals ProcDump. ProcDump allows you to capture the memory of a process running on the computer. The dump file can be of varying size and can be taken with varying outage durations. Dumps can be triggered immediately or can be triggered by a variety of events including CPU utilization, Memory utilization, a Performance Counter, a Hung Window and/or Native/Managed exceptions.

In this 3 part episode of Defrag Tools, Andrew Richards and Larry Larsen walk you through Sysinternals ProcDump. ProcDump allows you to capture the memory of a process running on the computer. The dump file can be of varying size and can be taken with varying outage durations. Dumps can be triggered immediately or can be triggered by a variety of events including CPU utilization, Memory utilization, a Performance Counter, a Hung Window and/or Native/Managed exceptions.

In this 3 part episode of Defrag Tools, Andrew Richards and Larry Larsen walk you through Sysinternals ProcDump. ProcDump allows you to capture the memory of a process running on the computer. The dump file can be of varying size and can be taken with varying outage durations. Dumps can be triggered immediately or can be triggered by a variety of events including CPU utilization, Memory utilization, a Performance Counter, a Hung Window and/or Native/Managed exceptions.

In this episode of Defrag Tools, Chad Beeder and Larry Larsen walk you through Task Manager and Resource Monitor. Sometimes you can't download Sysinternals or other troubleshooting tools, at these time, you can turn to these in-box applications that allow you to investigate the computer.

In this episode of Defrag Tools, Andrew Richards and Larry Larsen start walking you through the Debugging Tools for Windows (in particular WinDbg). WinDbg is a debugger that supports user mode debugging of a process, or kernel mode debugging of a computer.

This first WinDbg installment configures the system to open dumps files via an adjusted Context Menu. It shows how to set WinDbg as the (AeDebug) postmortem debugger, and how to use ProcDump v5.1 to do the same but capture the process as a dump file. It then starts to explain some basic concepts of debugging: call stacks (k), registers (r) and exception context records (.ecxr).

Make sure you watch Defrag Tools Episode #1 for instructions on how to get the Debugging Tools for Windows and how to set the required environment variables for symbols and source code resolution.

In this episode of Defrag Tools, Andrew Richards and Larry Larsen continue looking at the Debugging Tools for Windows (in particular WinDbg). WinDbg is a debugger that supports user mode debugging of a process, or kernel mode debugging of a computer.

This installment shows how you can view the user mode call stack and stack variables in a native, managed (.NET) or Silverlight process. We use these commands:

dv

dt

!sos.dumpstack

!sos.dumpstackobjects / !sos.dso

!sos.dumpobj / !sos.do

!sos.printexception / !sos.pe

.frame

.f+

.f-

.load

.unload

.loadby

.chain

lm / lmm / lmvm

.extmatch

.prefer_dml 1

.lines

.ecxr

.cls

Make sure you watch Defrag Tools Episode #1 for instructions on how to get the Debugging Tools for Windows and how to set the required environment variables for symbols and source code resolution.

In this episode of Defrag Tools, Chad Beeder and Larry Larsen discuss analyzing kernel mode bugchecks (colloquially known as Blue Screens of Death) using WinDbg from the Debugging Tools For Windows.

We use these commands:

!analyze -v

.hh

.trap

!pte

!process

!thread

.formats

.process

.thread

k

~

.reload

Make sure you watch Defrag Tools Episode #1 for instructions on how to get the Debugging Tools for Windows and how to set the required environment variables for symbols and source code resolution.

Not all Blue Screens of Death are easy to debug! Sometimes, you need to enable extra checking to help catch a buggy device driver. In this episode of Defrag Tools, Chad Beeder and Larry Larsen discuss using Driver Verifier in conjunction with WinDbg to track down a driver which is corrupting kernel mode pool memory.

Debugger commands used:

!analyze -v

.trap

ub

dp

dps

dc

kv

Make sure you watch Defrag Tools Episode #1 for instructions on how to get the Debugging Tools for Windows and how to set the required environment variables for symbols and source code resolution.

In this episode of Defrag Tools, Michael Fourre, senior test engineer from the Driver Verifier team, pays a visit to Larry Larsen and Chad Beeder in the Channel 9 studios to give us some deeper insight into this valuable tool for catching device driver bugs!

In this followup to last week's episode of Defrag Tools, Michael Fourre, senior test engineer from the Driver Verifier team, gives us an overview of all the available verifier settings, and explains when you might need to use them.

In this week's episode of Defrag Tools, Graham McIntyre, Senior Developer from the Windows Reliability team, gives us an overview of Online Crash Analysis (OCA). Graham describes OCA and how dump collection has been enhanced in Windows 8.

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen continue looking at the Debugging Tools for Windows (in particular WinDbg). WinDbg is a debugger that supports user mode debugging of a process, or kernel mode debugging of a computer.

This installment goes over the commands used to show the state of debug session. It also shows some of the basic commands used to view process and thread information of a user mode process. We cover these commands:

version

vertarget

|

||

.sympath

.srcpath

.exepath

.extpath

.chain

!analyze -v

.bugcheck

!error

~

~NNs

~~[TID]s

~*k

~*r

!process 0 17

!threads

!findstack

!uniqstack

!peb

!teb

k=

dps

dpu

dpa

dpp

.reload /f

.reload /user

!gle

!tls

Make sure you watch Defrag Tools Episode #1 for instructions on how to get the Debugging Tools for Windows and how to set the required environment variables for symbols and source code resolution.

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen continue looking at the Debugging Tools for Windows (in particular WinDbg). WinDbg is a debugger that supports user mode debugging of a process, or kernel mode debugging of a computer.

This installment goes over the commands used to show the memory used in a user mode debug session. We cover these commands:

!address -summary

!address

!vprot

!mapped_file

Make sure you watch Defrag Tools Episode #1 for instructions on how to get the Debugging Tools for Windows and how to set the required environment variables for symbols and source code resolution.

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen continue looking at the Debugging Tools for Windows (in particular WinDbg). WinDbg is a debugger that supports user mode debugging of a process, or kernel mode debugging of a computer.

This installment goes over the commands used to show the memory used in a kernel mode debug session. We cover these commands:

!vm

!vm 1

!memusage 8

!poolused 2

!poolused 4

!poolfind

!pool

!pool 2

!pte

Make sure you watch Defrag Tools Episode #1 for instructions on how to get the Debugging Tools for Windows and how to set the required environment variables for symbols and source code resolution.

In this episode of Defrag Tools, Andrew Richards and Larry Larsen upgrade the software we downloaded in Episode #1 to the Windows 8 (x86 &x64) and Windows RT (ARM) versions.

Resources:

Windows Software Development Kit (SDK) for Windows 8

Sysinternals

USB3 Debugging Cable

- Note, you must use a USB3 A-A cable designed for debugging, otherwise it will fry your box!

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen continue looking at the Debugging Tools for Windows (in particular WinDbg). WinDbg is a debugger that supports user mode debugging of a process, or kernel mode debugging of a computer.

This installment goes over the commands used to diagnose a Critical Section hang in a user mode application. We start with an overview of the four synchronization primitives and then delve deep in to temporary hangs, orphaned Critical Sections and deadlocks. We use these commands:

~*k

~*kv

~

~~[TID]s

!cs

!cs

!locks

Make sure you watch Defrag Tools Episode #1 and Defrag Tools Episode #23 for instructions on how to get the Debugging Tools for Windows and how to set the required environment variables for symbols and source code resolution.

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen continue looking at the Debugging Tools for Windows (in particular WinDbg). WinDbg is a debugger that supports user mode debugging of a process, or kernel mode debugging of a computer.

This installment goes over the commands used to diagnose an Event hang in a user mode application. We talk about single and multiple event hangs, automatic and manual events, waitable object handles and common design patterns that you will encounter. We use these commands:

~*k

~*kv

~

~~[TID]s

dp

!handle

!handle

.dumpdebug

!uniqstack

!findstack

Make sure you watch Defrag Tools Episode #1 and Defrag Tools Episode #23 for instructions on how to get the Debugging Tools for Windows and how to set the required environment variables for symbol and source code resolution.

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen continue looking at the Debugging Tools for Windows (in particular WinDbg). WinDbg is a debugger that supports user mode debugging of a process, or kernel mode debugging of a computer.

This installment goes over the commands used to diagnose Semaphores, Mutexes and (Waitable) Timers in a user mode application. For timers, we delve deep in to the kernel to gather more information about them. We use these commands:

!handle

!handle

!object

!object

!timer

!timer

ub @rip

dt nt!_KTHREAD

Make sure you watch Defrag Tools Episode #1 and Defrag Tools Episode #23 for instructions on how to get the Debugging Tools for Windows and how to set the required environment variables for symbol and source code resolution.

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen continue looking at the Debugging Tools for Windows (in particular WinDbg). WinDbg is a debugger that supports user mode debugging of a process, or kernel mode debugging of a computer.

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen continue looking at the Debugging Tools for Windows (in particular WinDbg). WinDbg is a debugger that supports user mode debugging of a process, or kernel mode debugging of a computer.

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen continue looking at the Debugging Tools for Windows (in particular WinDbg). WinDbg is a debugger that supports user mode debugging of a process, or kernel mode debugging of a computer.

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen review MCP exam 70-660 - MCTS Windows Internals.

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen walk you through Sysinternals ZoomIt. ZoomIt is a screen zoom and annotation tool for technical presentations that include application demonstrations. ZoomIt runs unobtrusively in the tray and activates with customizable hotkeys to zoom in on an area of the screen, move around while zoomed, and draw on the zoomed image.

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen walk you through Sysinternals Desktops. Desktops allows you to organize your applications on up to four virtual desktops. We go under the covers and show how Desktops fits in to the Session, Window Station and Desktop object/security model.

** I didn't do a great job explaining Sessions/Window Stations/Desktops -- If you want to know about those concepts in detail, I suggest you watch Sysinternals Primer: Gems instead.

In this episode of Defrag Tools, Andrew Richards, Maoni Stephens and Larry Larsen walk you through the CLR Garbage Collector. Maoni is the Principal developer for the GC on the CLR team.

In this episode of Defrag Tools, Andrew Richards, Maoni Stephens and Larry Larsen continue walking you through the CLR Garbage Collector. Maoni is the Principal developer for the GC on the CLR team.

In this episode of Defrag Tools, Andrew Richards, Maoni Stephens and Larry Larsen continue walking you through the CLR Garbage Collector. Maoni is the Principal developer for the GC on the CLR team.

In this episode of Defrag Tools, Andrew Richards, Maoni Stephens and Larry Larsen continue walking you through the CLR Garbage Collector - specifically PerfView. Maoni is the Principal developer for the GC on the CLR team.

In this episode of Defrag Tools, Andrew Richards, Amanda Silver and Larry Larsen start walking you through the debugging of JavaScript Windows Store applications with Visual Studio. Amanda is a Principal developer for the JavaScript engine used in Internet Explorer, Windows Store applications and Visual Studio.

In this episode of Defrag Tools, Andrew Richards, Amanda Silver and Larry Larsen continue walking you through the debugging of JavaScript Windows Store applications with Visual Studio. Amanda is a Principal developer for the JavaScript engine used in Internet Explorer, Windows Store applications and Visual Studio.

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen starting walking you through the Windows Performance Toolkit (WPT).

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen continue walking you through the Windows Performance Toolkit (WPT).

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen continue walking you through the Windows Performance Toolkit (WPT). Example xPerf scripts.

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen continue walking you through the Windows Performance Toolkit (WPT). Example xPerf scripts.

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen continue walking you through the Windows Performance Toolkit (WPT). Example xPerf scripts.

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen continue walking you through the Windows Performance Toolkit (WPT). Example xPerf scripts.

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen continue walking you through the Windows Performance Toolkit (WPT). Example xPerf scripts.

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen continue walking you through the Windows Performance Toolkit (WPT). Example xPerf scripts.

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen continue walking you through the Windows Performance Toolkit (WPT). Example xPerf scripts.

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen continue walking you through the Windows Performance Toolkit (WPT). This is part 1 of 3 episodes on memory usage/leaks. Example xPerf scripts.

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen continue walking you through the Windows Performance Toolkit (WPT). This is part 2 of 3 episodes on memory usage/leaks. Example xPerf scripts.

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen continue walking you through the Windows Performance Toolkit (WPT). This is part 3 of 3 episodes on memory usage/leaks. Example xPerf scripts.

In this two part series of Defrag Tools, Andrew Richards and Larry Larsen talk to Jeff Dailey, Director of diagnostics in Microsoft Support. In this episode, we cover the principals of data collection and analysis.

In this two part series of Defrag Tools, Andrew Richards and Larry Larsen talk to Jeff Dailey, Director of diagnostics in Microsoft Support. In this episode, we talk about Microsoft Fix it Center Pro.

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen talk about Crashes, Hangs and Slow Performance. We talk about how to approach these issues and list the tools that can help you analyze them.

In this episode of Defrag Tools, Chad Beeder, Andrew Richards and Larry Larsen show you the analysis of a Bugcheck 0xAB (by C9'er David Grainger). We show Chad's debugging and troubleshooting steps to solve the issue.

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen show you the analysis of a hang. The hang happens in Explorer when Windows-E is pressed - the folder window never appears. We show Andrew's debugging steps to solve the issue.

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen talk about Andrew's new job, configuring new systems with SSDs and HDDs, answer two questions from a viewer (Barry), and debug two crashes.

[So why is the audio weird in this episode? Well, Andrew accidently hit mute on his mic just before recording. Kaitlin came to the rescue and used the audio from Chad's mic, fixing the levels for hours - Thx Kaitlin]

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen talk about a Sysinternals Autoruns file from a viewer (Judy) for a slow booting system. We update Sysinternals and in doing so, we use Sysinternals Steams to show the (NTFS) alternate data stream used to save the Zone information of the download.

In this episode of Defrag Tools, Larry Osterman joins Andrew Richards and Chad Beeder to talk about lots of random stuff from his 29ys at Microsoft; including the old days, Windows Audio, Windows 8.1 UI, and much more.

In this episode of Defrag Tools, Rob Paveza joins Andrew Richards and Larry Larsen to talk about Just My Code for JavaScript Windows Store Apps in Visual Studio 2013. We show how much easier debugging is with all of the JavaScript libraries (e.g. JQuery) filtered out.

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen talk about Sysinternals Disk Usage and Sysinternals Registry Usage. These tools are used to determine the size of Folder and Registry trees. We provide advice on how to free up disk space so you can upgrade to Windows 8.1 on a low-disk space system.

In this episode of Defrag Tools, Chad Beeder, Andrew Richards and Larry Larsen talk about the High DPI support in Windows 8.1.

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen walk you through the download of the Windows 8.1 SDK and the latest Sysinternals tools. We harvest the Debugging Tools for Windows, Windows Performance Toolkit, and Application Verifier files from the SDK. We also show some of the new WinDbg features.

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen walk you through a Windows Store Application crash dump. We show the Quality page of the Dev Dashboard and debug a dump with WinDbg.

In this episode of Defrag Tools, Jeffrey Richter joins Andrew Richards and Larry Larsen to talk about Windows Store Application development. We talk about all the books he's authored and what his company (Wintellect) is doing recently.

In this episode of Defrag Tools, Jeffrey Richter joins Andrew Richards and Larry Larsen to talk about the Wintellect Package Explorer. This new tool, associated with the Windows Runtime for C# book, allows you to view the properties of Store apps installed on your system, and help you manage them.

In this episode of Defrag Tools, Andrew Richards and Chad Beeder walk you through a common issues in Background Task applications. We use a Windows Store 8.1 app sample to show how missing code affects the process, and how the process can be reported as having an Application Hang due to non-responsiveness.

In this episode of Defrag Tools, Andrew Richards and Chad Beeder walk you through a common issues in Windows Store applications that use HTTP. We use a Windows Store 8.1 app sample to show how a missing exception handler affects the stability of the process.

In this episode of Defrag Tools, Andrew Richards and Chad Beeder walk you through a common issues in Windows Store applications that use XML. We use a Windows Store 8.1 app sample to show how missing code affects the stability of the process.

In this episode of Defrag Tools, Andrew Richards and Chad Beeder walk you through a common issues in Windows Store applications that use Interop. We use a Windows Store 8.1 app sample to show how missing code affects the stability of the process.

In this episode of Defrag Tools, Paul Long joins Chad Beeder in this 3 part series on Message Analyzer.

In this episode of Defrag Tools, Paul Long joins Chad Beeder in this 3 part series on Message Analyzer.

In this episode of Defrag Tools, Paul Long joins Chad Beeder in this 3 part series on Message Analyzer.

In this episode of Defrag Tools, Andrew Richards and Chad Beeder walk you through a common issue in Windows Store applications that use Frame.GetNavigationState. We use a Windows Store 8.1 app sample to show how using complex objects as a parameter in navigation can cause serialization to raise an exception.

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen walk you through a common issue in Windows Store applications that use Files. We use a Windows Store 8.1 app sample to show how missing code affects the stability of the process.

In this episode of Defrag Tools, Trey Nash and Jason Epperly join Chad Beeder to talk about their roles as Escalation Engineers in CSS.

In this episode of Defrag Tools, Trey Nash joins Chad Beeder to demonstrate how the Windows Performance Toolkit was used to solve a performance issue in a time sensitive application.

In this episode of Defrag Tools, Jason Epperly joins Chad Beeder to demonstrate how the Windows Performance Toolkit was used to solve a performance issue while logging in to a system.

In this episode of Defrag Tools, Chad Beeder is joined by Steve Thomas to talk about Steve's role as a consultant for Microsoft Consulting Services.

In this episode of Defrag Tools, Chad Beeder is joined by Steve Thomas to talk about Application Virtualization (App-V) troubleshooting techniques.

In this episode of Defrag Tools, Andrew Richards and Chad Beeder are joined by Aaron Margosis to talk about the Sysinternals book he co-authored, and demos an Application Installation Recorder that leverages Process Monitor and PowerShell.

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen begin a multi-part series on how Performance Counters work and how to add them to an application. This episode focuses on the (statistical) counter types that determine how the (raw) data is reported.

In this episode of Defrag Tools, Andrew Richards and Chad Beeder continue a 3-part series on how Performance Counters work and how to add them to an application. This episode focuses on the XML manifest that you develop, that turns in to code when compiled with CTRPP.

In this episode of Defrag Tools, Andrew Richards and Chad Beeder continue a 3-part series on how Performance Counters work and how to add them to an application. This episode focuses on turning the XML manifest in to code (with CTRPP), and using the generated code in a sample application.

In this episode of Defrag Tools, Chad Beeder and Larry Larsen discuss two topics: The Heartbleed bug, and the Sigcheck tool from Sysinternals.

In this episode of Defrag Tools, Andrew Richards walks you through the download of the Windows 8.1 Update SDK, the Windows 8.1 Store App Samples, the latest Sysinternals tools, and the Wintellect Package Explorer. We harvest the Debugging Tools for Windows, Windows Performance Toolkit, and Application Verifier files from the SDK.

In this episode of Defrag Tools, Andrew Richards and Chad Beeder talk about how you can change the Symbol folder's hierarchy to be 2-Tier instead of 1-Tier - by adding an index2.txt file to the root.

In this episode of Defrag Tools, Andrew Richards and Chad Beeder talk about 4 tools used to maintain your Symbol Store and Symbol Cache folders.

In this episode of Defrag Tools, Chad Beeder and Andrew Richards use FindStr, Sysinternals Strings and !pde.ssz to perform string searches and filtering.

In this episode of Defrag Tools, Chad Beeder and Andrew Richards use the Scheduled Tasks MMC, Sysinternals Autoruns, at.exe, scdtasks.exe and PowerShell to manage the Task Scheduler.

In this episode of Defrag Tools, Andrew Richards and Chad Beeder start a new series on writing a Debugger Extension for the Debugging Tools for Windows. The series is based on a 3 part MSDN Magazine series that Andrew wrote back in early 2011.

In this episode of Defrag Tools, Andrew Richards and Chad Beeder continue a series on writing a Debugger Extension for the Debugging Tools for Windows. The series is based on a 3 part MSDN Magazine series that Andrew wrote back in early 2011.

In this episode of Defrag Tools, Andrew Richards and Chad Beeder continue a series on writing a Debugger Extension for the Debugging Tools for Windows. The series is based on a 3 part MSDN Magazine series that Andrew wrote back in early 2011.

In this episode of Defrag Tools, Andrew Richards and Chad Beeder continue a series on writing a Debugger Extension for the Debugging Tools for Windows. The series is based on a 3 part MSDN Magazine series that Andrew wrote back in early 2011.

This week we break out of the Channel 9 studios and visit the offices of Chad Beeder and Andrew Richards, and talk about some of the history of Buildings 22 and 26.

In this episode of Defrag Tools, Andrew Richards and Chad Beeder continue a series on writing a Debugger Extension for the Debugging Tools for Windows. The series is based on a 3 part MSDN Magazine series that Andrew wrote back in early 2011.

In this episode of Defrag Tools, Andrew Richards and Chad Beeder continue a series on writing a Debugger Extension for the Debugging Tools for Windows. The series is based on a 3 part MSDN Magazine series that Andrew wrote back in early 2011.

In this episode of Defrag Tools, Andrew Richards and Chad Beeder continue a series on writing a Debugger Extension for the Debugging Tools for Windows. The series is based on a 3 part MSDN Magazine series that Andrew wrote back in early 2011.

In this episode of Defrag Tools, Andrew Richards and Chad Beeder continue a series on writing a Debugger Extension for the Debugging Tools for Windows. The series is based on a 3 part MSDN Magazine series that Andrew wrote back in early 2011.

In this episode of Defrag Tools, Andrew Richards and Chad Beeder finish a series on writing a Debugger Extension for the Debugging Tools for Windows. The series is based on a 3 part MSDN Magazine series that Andrew wrote back in early 2011.

In a two part special for Defrag Tools, Larry Osterman joins Larry Larsen, Andrew Richards and Chad Beeder to celebrate Larry's 30 years at Microsoft. We travel to the Microsoft Archives building to reminisce over a selection of products that Microsoft has produced over Larry's 30 year career.

In this second part of a two part special for Defrag Tools, Larry Osterman joins Larry Larsen, Andrew Richards and Chad Beeder to celebrate Larry's 30 years at Microsoft. We continue looking around the Microsoft Archives building, reminiscing over a selection of products that Microsoft has produced over Larry's 30 year career.

Mark Russinovich and Thomas Garnier join Andrew Richards in this episode of Defrag Tools. We talk about their new tool - Sysinternals System Monitor.

System Monitor (Sysmon) is a Windows system service and device driver that, once installed on a system, remains resident across system reboots to monitor and log system activity to the Windows event log. It provides detailed information about process creations, network connections, and changes to file creation time.

In this episode of Defrag Tools, Andrew Richards starts a two part series on writing a Debugger Extension in C# for the Debugging Tools for Windows. The series follows on from the recent 9 part series on writing a Debugger Extension in C++.

The C# code utilizes the Microsoft.Diagnostics.Runtime (CLRMD) and DllExports packages, available on NuGet.

In this episode of Defrag Tools, Andrew Richards finishes a two part series on writing a Debugger Extension in C# for the Debugging Tools for Windows. The series follows on from the recent 9 part series on writing a Debugger Extension in C++.

The C# code utilizes the Microsoft.Diagnostics.Runtime (CLRMD) and DllExports packages, available on NuGet.

In this of Defrag Tools, Kraig Brockschmidt joins Andrew Richards and Chad Beeder for two episodes to talk about Windows Store Application development using HTML, CSS and JavaScript. Be sure to download the free ebook!

In this of Defrag Tools, Kraig Brockschmidt joins Andrew Richards and Chad Beeder for a second episode to talk about Windows Store Application development using HTML, CSS and JavaScript. Be sure to download the free ebook!

In this episode of Defrag Tools, Vance Morrison joins Andrew Richards and Chad Beeder to discuss his performance analysis tool, PerfView. In part 1 of this series, we demonstrate downloading and installing the tool, and collecting traces.

In this episode of Defrag Tools, Vance Morrison joins Andrew Richards and Chad Beeder to discuss his performance analysis tool, PerfView. In part 2 of this series, we review a trace for CPU issues.

In this episode of Defrag Tools, Vance Morrison joins Andrew Richards and Chad Beeder to discuss his performance analysis tool, PerfView. In part 3 of this series, we focus on looking at memory issues.

In this episode of Defrag Tools, Vance Morrison joins Andrew Richards and Chad Beeder to discuss his performance analysis tool, PerfView. In part 4 of this series, we focus on using PerfView as a diagnostics tool.

In this episode of Defrag Tools, Vance Morrison joins Andrew Richards and Chad Beeder to discuss his performance analysis tool, PerfView. In part 5 of this series, we focus on using PerfView as a diagnostics tool.

In this episode of Defrag Tools, Vance Morrison joins Andrew Richards and Chad Beeder to discuss his performance analysis tool, PerfView. In part 6 of this series, we show how easy it is to add ETW events to your applications, and how these events can be seen in PerfView.

In this episode of Defrag Tools, Andrew Richards and Chad Beeder to discuss Windows Management Instrumentation (WMI).

In this episode of Defrag Tools, Vance Morrison joins Andrew Richards and Chad Beeder to discuss his performance analysis tool, PerfView. In part 7 of this series, we show how easy it is to analyze ETW events with PerfView.

In this episode of Defrag Tools, Wade Mascia joins Andrew Richards and Chad Beeder to discuss his debugging analysis tool, DebugDiag. In part 1 of this 4 part series, we show the basic features of DebugDiag.

In this episode of Defrag Tools, Wade Mascia joins Andrew Richards and Chad Beeder to discuss his debugging analysis tool, DebugDiag. In part 2 of this 4 part series, we continue delving in to the features of DebugDiag.

In this episode of Defrag Tools, Wade Mascia joins Andrew Richards and Chad Beeder to discuss the debugging analysis tool, DebugDiag. In part 3 of this 4 part series, we continue delving in to the features of DebugDiag.

In this episode of Defrag Tools, Wade Mascia joins Andrew Richards and Chad Beeder to discuss the debugging analysis tool, DebugDiag. In part 4 of this 4 part series, we continue delving in to the features of DebugDiag.

In this episode of Defrag Tools, Vance Morrison joins Andrew Richards and Chad Beeder to discuss his performance analysis tool, PerfView. In part 8 of this series, we show how to analyze the GC with PerfView.

In this episode of Defrag Tools, Andy Sterland joins Chad Beeder to discuss the IE F12 Developer Tools, including some of the new features available in the Windows 10 Tech Preview.

In this episode of Defrag Tools, David Stephens joins Andrew Richards to discuss the IE F12 Console, including some of the new features available in the Windows 10 Tech Preview.

In the next two episodes of Defrag Tools, Andrew Richards and Chad Beeder discuss Networking. We look at various inbox tools, including ipconfig, route, netstat, arp, nslookup, tracert, ping, psping, net and netsh.

In this episode of Defrag Tools, Andrew Richards and Chad Beeder continue to discuss Networking. We look at more inbox tools (netsh, tracert, ping, psping, net) and talk about Receive-Side Scaling (RSS), TCP Chimney Offload and the TCP Receive Window.

In this episode of Defrag Tools, Andrew Richards and Chad Beeder discuss services in Windows. We look at several tools for managing services, and discuss how they are implemented.