Andrew Richards

Back to Profile: windev


  • Defrag Tools: #8 - Mark Russinovich

    @StanS: There are a few more and then on to non-Mark tools.

  • Defrag Tools: #8 - Mark Russinovich

    @C64: Visual Studio 2008 SP1 is used to compile the tools so that the tools use MSVCRT v9.0 - which is shipped with Windows XP/Windows 2003.

  • Defrag Tools: #8 - Mark Russinovich

    @RyanRies: 6th edition Part 2 RTMed today, so it will be printed and available soon.

  • Defrag Tools: #8 - Mark Russinovich

    @siodmy: We are going to do a big series on xPerf which will cover logging for all applications.  I'll add Logparser to the list of applications to be covered in a future episode.

  • Defrag Tools: #7 - VMMap

    @Roger: They all come from the Microsoft Company Store (the shop on Redmond campus, as opposed to the retail shops we now have). You'll have to come visit campus!

  • Defrag Tools: #6 - RAMMap

    @James G: I use a vhd for the show and it only runs during taping (so I don't add features to the install without you seeing it). The next time I prepare for a show, I'll make sure to give it some time to do the updates. Can't set a bad example can I!

    The show will be weekly for at least another ~10 weeks based on the current episode recording schedule. We tape a few at a time if it is the same topic.

    Next is vmmap, then we have a special edition, then inbox tools. After that in a yet to be decided order is 3+ on Windows Performance Toolkit, 2+ on Procdump, 4+ on Debugging Tools for Windows, Network Monitor, Fiddler and PsTools. In the maybe bucket is audio, video, printing and device troubleshooting (1 each). We will also probably do a live show on Channel 9 Live at Build.

    Lots and lots of shows to watch!  If your favorite tool isn't in that list, drop us an email at or write a comment and we'll add it to the list or move it forward.

  • Defrag Tools: #5 - Autoruns and MSConfig

    @Debojyoti: xPerf (WPT) profiling can help you here.  We'll go over this in detail on a future episode but the gist is:

    xperf -on Diag+Latency -stackwalk Profile+CSwitch+ReadyThread+ThreadCreate -BufferSize 1024 -MinBuffers 256 -MaxBuffers 256 -MaxFile 256 -FileMode Circular

    echo Press a key when you want to stop...
    xperf -stop -d result.etl

    Look at the result.etl with xperfview.exe

  • Defrag Tools: #6 - RAMMap

    @siodmy: The repurposed of 0-4 is expected. It is the 5-7 that matter. You are getting enough memory pressure on 5 (1.6Gb -- x8 reused) to raise interest at least. Adding a few gigs will definitely help in those times - its not critical though.

  • Defrag Tools: #6 - RAMMap

    @Phililp Saunders: It's from the Windows Internals books/David Solomon kernel course.  It is copyrighted to them, so I can't make it available for download Sad

  • Defrag Tools: #4 - Process Monitor - Examples

    @Tom Hall: Procmon may indeed be looked for by crysis. Some games don't like you looking at the I/O operations as they think you are trying to hack the game. All you can do iscrebiit (to unload the driver) and then play the game. Smiley

  • Defrag Tools: #1 - Building your USB thumbdrive

    @Joe:  If you have a enough space, definitely set the path to the USB Stick. I'd definitely do this if I was using one of those self-powered 2" harddisks. You'd use X:\My\... instead of C:\My\...

    _NT_SOURCE_PATH is used by Process Monitor and VMMap (and more).

    If you are internal to Microsoft, set the _NT_SOURCE_PATH and _NT_SYMBOL_PATH to the same value. The internal symbol server can download source code, as well as symbols and executables (images).

    _NT_SYMCACHE_PATH is used by Windows Performance Toolkit (xPerf)

    I'll dive deep in to these environment variables again when I do the VMMap, WPT and Debugging Tools episodes.

  • Defrag Tools: #4 - Process Monitor - Examples

    @MagicAndre1981: xperf is scheduled for a future episode. And yes, I agree that it allows you to go deeper. ProcMon does do a very good job though of presenting information required to get an idea of what is happening.