Defrag Tools: #1 - Building your USB thumbdrive

Download this episode

Download Video

Description

Welcome to the first episode of Defrag Tools where Andrew Richards and I will be walking you through the tools we use when troubleshooting Windows PC's. Each week we'll dive into the tools from SysInternals, showing you how to use them along with our best tips and tricks.

In this episode we'll be showing you how to get started by creating a thumb drive that you can use to fix PC's and troubleshoot problems.

Resources:
Microsoft Windows SDK for Windows 7 and .NET Framework 4
www.sysinternals.com

Timeline:
[00:00] - What is Defrag Tools?
[02:50] - The USB Stick light saber
[03:59] - Download, unblock and extract the Sysinternals Suite
[08:07] - Add c:\my\sysinternals to the PATH
[09:23] - Download and install the Microsoft Windows SDK for Windows 7 and .NET Framework 4
[13:30] - What is a Symbol?
[15:10] - Symbols script for environment variables
[18:57] - Symbol Logging (DbgHelp)
[20:45] - Gather the 'Redist' MSI files of Application Verifier, Debugging Tools for Windows, and Windows Performance Toolkit from the SDK
[22:29] - Debugging Tool for Windows
-
Install both the x64 and x86 versions of the Debugging Tool for Windows (to "c:\debuggers" and "c:\debuggers_x86" respectively)
- Copy the "c:\debuggers" and "c:\debuggers_x86" folders in to the "C:\My\Debugging Tool for Windows" folder for 'xcopy' use on any computer (no installation necessary)
[25:09] - Windows Performance Toolkit
- Install the x64 or x86 version of the Windows Performance Toolkit using the default options
- Copy "C:\Program Files\Microsoft Windows Performance Toolkit" to "C:\My\Windows Performance Toolkit" folder for 'xcopy' use on any computer (no installation necessary)
[25:43] - DbgHelp.dll v6.12
[26:55] - Next episode... Process Explorer

Scripts:
Symbols.cmd

md c:\My
md c:\My\Src
md c:\My\Sym
md c:\My\SymCache
setx /M _NT_SOURCE_PATH SRV*C:\My\Src
setx /M _NT_SYMBOL_PATH SRV*C:\My\Sym*http://msdl.microsoft.com/download/symbols
setx /M _NT_SYMCACHE_PATH C:\My\SymCache

DbgHelp_Logging.cmd

rem msdn.microsoft.com/en-us/library/windows/desktop/ms680687.aspx
md c:\My
md c:\My\DbgHelp
setx DBGHELP_DBGOUT 1 
setx DBGHELP_LOG C:\My\DbgHelp\DbgHelpLog.txt

Embed

Format

Available formats for this video:

Actual format may change based on video formats available and browser capability.

    The Discussion

    • User profile image
      Magic​Andre1981

      I'm using this tool on my USB thumb drive:

      WSCC - Windows System Control Center
      http://www.kls-soft.com/wscc/

      Generic Comment Image

       

      this tool can also update the programs so you don't have to download the zip all time again.


      And MS provides symbols for hotfixes. MS doesn't provide symbols for some tools like Office, MSE.

       

      And for the MSIs you can use the admin install mode of Windows Installer to get the install structure in a folder where you want it and copy the folder to your USB drive. because admin mode is ugly to type in the cmd prompt, use this tool:

      http://www.msfn.org/board/topic/124567-universal-extractor-latest-version-161/

      After you've installed it, make a rightclick on the MSI and select extract 1 of the "Uniextract" options.

       

    • User profile image
      darylb

      Hi Andrew, do you have the files (CMD scripts) for download you discussed?

    • User profile image
      windev

      Edit: Added to show description...

      --- Symbols.cmd ---

      md c:\My
      md c:\My\Src
      md c:\My\Sym
      md c:\My\SymCache

      setx /M _NT_SOURCE_PATH SRV*C:\My\Src
      setx /M _NT_SYMBOL_PATH SRV*C:\My\Sym*http://msdl.microsoft.com/download/symbols
      setx /M _NT_SYMCACHE_PATH C:\My\SymCache

    • User profile image
      windev

      Edit: Added to show description...

      --- DbgHelp_Logging.cmd ---

      rem http://msdn.microsoft.com/en-us/library/windows/desktop/ms680687.aspx

      md c:\My
      md c:\My\DbgHelp

      setx DBGHELP_DBGOUT 1
      setx DBGHELP_LOG C:\My\DbgHelp\DbgHelpLog.txt

    • User profile image
      windev

      Edit: Added to show description...

      --- URLs ---
      www.sysinternals.com
      http://www.microsoft.com/en-us/download/details.aspx?id=8279

      Sorry about the omission - Larry and I were rushed making more episodes when we we wrote the first show's description.

    • User profile image
      BrianHartung

      Great show yet again, boys.  I use these tools/techniques all the time but it seems like every time I hear someone talk about them I learn something new.  Looking forward to the next 30 episodes!

      @Andre: Thanks for the wscc tip...awesome sauce...

      @Larry: Did you just channel Kriss-Kross at the start of this episode???  Total man-card violation...

    • User profile image
      jp2code

      Good stuff! I look forward to more ...and running Symbols on apps I created to see what all they are exposing!

    • User profile image
      James G

      Thanks, I was planning on going to bed early tonight but when I saw that defrag was finally back I watched it, and you answered my question, and then a bonus - Andrew Richards back and with a new show. Great tips, now i should probably go and remove my sysinternals suite and debugging tools x64 so I can reinstall everything this way.

    • User profile image
      Robert Sterbal

      I'm looking forward to this series. Are transcripts available?

    • User profile image
      windev

      @Robert Sterbal: At the moment, we have no plans to make transcripts.  The Sysinternals Administrator's Reference is a good substitute in their absence.

    • User profile image
      windev

      @jp2code & All:  The next tool is a (long) episode on Process Explorer, then two shows on Process Monitor (one on the application and one showing examples), then Autoruns, and then ...

    • User profile image
      Mattycooper

      Great Show.

      I getting all my friends and workmate to watch.

    • User profile image
      darylb

      @windev: no prob RE omission, loved the TR15 lvl 400 debug session, just had to find this show and keep the goodness rolling on, SEE's rock!

    • User profile image
      Joe

      Very useful idea for the show, thank you.

      I didn't get what the other two variables are for (_NT_SOURCE_PATH; _NT_SYMCACHE_PATH)? For symbols to work in ProcExp it needs only _NT_SYMBOL_PATH, right? And if I'd like to run it from USB stick, can I just set path in Symbols Settings menu of ProcExp to the Syms folder on flash drive? Except for size and speed are there any other concerns in doing that?

      Is there a way to download all the current MS symbols for let's say Windows 7 at once, not the .iso file?

      Th

    • User profile image
      samhmaria

      Great show. And look forward to all the shows in the series. 

    • User profile image
      windev

      @Joe:  If you have a enough space, definitely set the path to the USB Stick. I'd definitely do this if I was using one of those self-powered 2" harddisks. You'd use X:\My\... instead of C:\My\...

      _NT_SOURCE_PATH is used by Process Monitor and VMMap (and more).

      If you are internal to Microsoft, set the _NT_SOURCE_PATH and _NT_SYMBOL_PATH to the same value. The internal symbol server can download source code, as well as symbols and executables (images).

      _NT_SYMCACHE_PATH is used by Windows Performance Toolkit (xPerf)

      I'll dive deep in to these environment variables again when I do the VMMap, WPT and Debugging Tools episodes.

    Comments closed

    Comments have been closed since this content was published more than 30 days ago, but if you'd like to continue the conversation, please create a new thread in our Forums, or Contact Us and let us know.