Defrag Tools #131 - Windows 10 SDK


Description

In this episode of Defrag Tools, Andrew Richards and Chad Beeder walk you through the download of the Windows 10 SDK and the latest Sysinternals tools. We harvest the Debugging Tools for Windows, Windows Performance Toolkit, and Application Verifier files from the SDK.

Previous Versions:
Windows 7.0
Windows 8.0
Windows 8.1
Windows 8.1 Update

Resources:
Sysinternals
Windows 10 SDK
Defrag Tools OneDrive (SIEExtPub, PDE & Scripts)

Timeline:
[00:00] - Windows 10
[02:47] - The USB Stick/OneDrive "Lightsaber"
[04:26] - Sysinternals Suite
[04:12] - Windows 10 SDK
[08:44] - While we wait... configure ProcDump as the AeDebug Debugger (c:\dumps\procdump.exe -ma -i)
[11:42] - Install the Windows 10 SDK MSI files
[14:23] - Harvest the Windows 10 SDK files for xcopy use
[17:45] - c:\debuggers\dbghelp.dll vs. c:\windows\system32\dbghelp.dll
[20:58] - Defrag Tools OneDrive
[25:12] - Environment Variables and Registry Keys
[28:20] - Quick Summary
[31:09] - Email us your issues at defragtools@microsoft.com

Environment Variables - Symbols.cmd

md c:\My
md c:\My\Sym
md c:\My\SymCache
compact /c /s /i /q c:\My\Sym\
compact /c /s /i /q c:\My\SymCache\
setx /m DBGHELP_HOMEDIR C:\My
setx /m _NT_SYMBOL_PATH SRV*C:\My\Sym*http://msdl.microsoft.com/download/symbols
setx /m _NT_SYMCACHE_PATH C:\My\SymCache

Registry Entries - WinDbg -IA (PDE).reg

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\.dmp]
@="WinDbg.DumpFile.1"

[HKEY_CLASSES_ROOT\.hdmp]
@="WinDbg.DumpFile.1"

[HKEY_CLASSES_ROOT\.mdmp]
@="WinDbg.DumpFile.1"

[HKEY_CLASSES_ROOT\.cab]
@="WinDbg.DumpFile.1"

[HKEY_CLASSES_ROOT\WinDbg.DumpFile.1]
@="WinDbg Post-Mortem Dump File"

[HKEY_CLASSES_ROOT\WinDbg.DumpFile.1\DefaultIcon]
@="\"C:\\debuggers\\windbg.exe\",-3002"

[HKEY_CLASSES_ROOT\WinDbg.DumpFile.1\shell]
@="Open"

[HKEY_CLASSES_ROOT\WinDbg.DumpFile.1\shell\Open]
@="Open x&64"

[HKEY_CLASSES_ROOT\WinDbg.DumpFile.1\shell\Open\command]
@="\"C:\\debuggers\\windbg.exe\" -z \"%1\" -a pde.dll"

[HKEY_CLASSES_ROOT\WinDbg.DumpFile.1\shell\Open_x86]
@="Open x&86"

[HKEY_CLASSES_ROOT\WinDbg.DumpFile.1\shell\Open_x86\command]
@="\"C:\\debuggers_x86\\windbg.exe\" -z \"%1\" -a pde.dll"
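
To confirm that Symbols.cmd, the .reg import and the ProcDump AeDebug registration from the timeline took effect, the read-only PowerShell audit below compares the machine against the values listed above. It is an added example, not part of the original show notes. The AeDebug registry paths, the "procdump" substring match and the helper names Get-RegValue and New-Row are assumptions of the example, not taken from the page.

```powershell
# Added example: read-only audit; expected values copied from Symbols.cmd and the .reg file above.
# Assumes a 64-bit PowerShell session (a 32-bit session sees redirected registry views).
function Get-RegValue([string]$Key, [string]$Name = '(default)') {   # hypothetical helper
    $path = "Registry::$Key"
    if (Test-Path -LiteralPath $path) { (Get-ItemProperty -LiteralPath $path).$Name }
}
function New-Row($Item, $Actual, [bool]$Ok) {                        # hypothetical helper
    [pscustomobject]@{ Item = $Item; Actual = $Actual; Ok = $Ok }
}
$report = @()

# setx /m writes machine-level variables, so read the Machine scope explicitly.
$expectedEnv = [ordered]@{
    'DBGHELP_HOMEDIR'   = 'C:\My'
    '_NT_SYMBOL_PATH'   = 'SRV*C:\My\Sym*http://msdl.microsoft.com/download/symbols'
    '_NT_SYMCACHE_PATH' = 'C:\My\SymCache'
}
foreach ($name in $expectedEnv.Keys) {
    $actual = [Environment]::GetEnvironmentVariable($name, 'Machine')
    $report += New-Row $name $actual ($actual -eq $expectedEnv[$name])
}

# Dump file extensions should map to the WinDbg ProgID, and both verbs should load pde.dll.
foreach ($ext in '.dmp', '.hdmp', '.mdmp', '.cab') {
    $progId = Get-RegValue "HKEY_CLASSES_ROOT\$ext"
    $report += New-Row $ext $progId ($progId -eq 'WinDbg.DumpFile.1')
}
foreach ($verb in 'Open', 'Open_x86') {
    $cmd = Get-RegValue "HKEY_CLASSES_ROOT\WinDbg.DumpFile.1\shell\$verb\command"
    $report += New-Row "shell\$verb" $cmd ($cmd -like '*windbg.exe*-a pde.dll')
}

# AeDebug postmortem debugger, native and WOW64 views (paths are an assumption of this example).
$aeDebug = [ordered]@{
    'AeDebug (64-bit)' = 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AeDebug'
    'AeDebug (32-bit)' = 'HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\AeDebug'
}
foreach ($label in $aeDebug.Keys) {
    $dbg = Get-RegValue $aeDebug[$label] 'Debugger'
    $report += New-Row $label $dbg ($dbg -like '*procdump*')
}

# Report both dbghelp.dll copies from the 17:45 timeline item so their versions can be compared.
foreach ($dll in 'C:\debuggers\dbghelp.dll', "$env:windir\System32\dbghelp.dll") {
    $ver = if (Test-Path -LiteralPath $dll) { (Get-Item -LiteralPath $dll).VersionInfo.FileVersion }
    $report += New-Row $dll $ver ([bool]$ver)
}
$report | Format-Table -AutoSize -Wrap
```

Any row with Ok = False shows the value actually found, which also makes an unexpected AeDebug debugger or file-association command visible.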


    The Discussion

    • ScottyKarate

      Great to see you guys back.  I'm looking forward to "season 2" of the show.

      Andrew: you mentioned going through all of the dumps in your C:\Dumps folder.  That would be awesome.  Definitely do that episode!

    • Jaso

      Thanks gents! It's really good to have you back. How you're managing to do the shows a month before Win 10 rollout is beyond me! Well done guys and keep up the great work.

    • kihtraks

      A good refresher. Thanks for the video, guys!

    • Marc Sherman

      Also glad to see that you guys are back!

    • s3curityConsult

      Yes, Andrew, definitely go through what we should do with the dumps that are captured in C:\Dumps. I got tons of crap in there and I always clean it out to save space but never really have time to go in and debug them that much. Please show us again how to debug these dump files, because often I try to open the dumps in the debugger and it says "APPX" is not a valid win32 application, or sometimes apps don't have symbol files, and I really would love to see how you'd approach figuring out why these crashes and dumps are taking place. Would love to get back into debugging again, I'm getting rusty. Thanks for coming back.

    • windev

      A debugging (C:\Dumps) episode it is then. Since 132, 133 and 134 have already been taped, this episode will be 135 - airing 27th July.

      Email us (defragtools@microsoft.com) a OneDrive link to any dumps you can't work out. I can't promise to look at them all, or for very long, but I'll try to give you the 1min answer.

    • MagicAndre1981

      Instead of installing the MSIs, use admin install (https://msdn.microsoft.com/en-us/library/aa367541(v=vs.85).aspx). Here you don't need to remove them later again. I use this tool to do it via GUI: http://legroom.net/software/uniextract

    • Kiran Prabhu

      Good to see you guys back...
      Are you guys going to plan WPT session on new changes in version 10?

      From this Episode
      I tried below but the output is not as expected. What must be wrong?

      0:004> !wmitrace.strdump
      (WmiTrace) StrDump Generic
      LoggerContext Array & 0x0000000077067C20 [4 Elements]

      rest of the output is missing

      I am using windbg 10.0.10075.9 AMD64

    • kiranprabhu

      Sorry the question was from episode 29

    • artisticcheese

      What is running on Andrew's laptop which keeps switching mouse pointer to "Working in Background" (hourglass) every 3s or so?

    • Ytterbium

      Would be good to a 'defrag' going deep

    • windev

      @artisticcheese: Yeah - that is a little weird. Hadn't noticed it. Will have to trace it and find out why!

    • windev

      @Kiran Prabhu: Send us the dump - We'll take a look. Might be a symbols issue.

    • danko andruszkiw

      Defrag tools one drive not working ???

    • pinscomputer

      You should add a link to Defrag Tools #88 & #89, since you did not discuss 2-tier symbol folder creation for the new SYM folder.

    • daviangel

      Defrag tools one drive not working ???

      Ditto

      Link to Defrag Tools OneDrive doesn't seem to be working anymore.

      So do we really need those files, or can we get them somewhere else?
