Quantcast
Channel: Sysinternals Forums
Viewing all 10386 articles
Browse latest View live

PsTools : How to repair corrupt exchange server database?

May 18, 2017, 3:45 am
$
0
0
Author: patroo
Subject: How to repair corrupt exchange server database?
Posted: 18 May 2017 at 10:45am

Originally posted by OliverWeaver OliverWeaver wrote:

How to repair corrupt exchange server database?
To repair EDB file, you should use Eseutil and Isinteg, built-in repair tools in Microsoft Exchange Server. Before you can start repairing EDB file via these built-in tools, you need to perform some operations, such as replica creation of the database, dismounting the EDB from the Exchange Server and finally confirmation of disk space. Refer to this blog post for detailed information - Repair Exchange Database with an Easy Manual Trick | N. Sem's Blog

Before you can purchase any paid software, you must try the manual trick shared in the above blog post. I hope the shared information would be helpful here. 

Thanks and best regards.
Search

Process Explorer : Version 16.21.0.0 question

May 18, 2017, 4:14 am
$
0
0
Author: pedropete
Subject: Version 16.21.0.0 question
Posted: 18 May 2017 at 11:14am

I tried yesterday with same result. Tried again today (approx 3 hours ago) and am getting version16.21.0

Autoruns : 64-bit Autoruns properties path err

May 18, 2017, 7:39 am
$
0
0
Author: freesoft00
Subject: 64-bit Autoruns properties path err
Posted: 18 May 2017 at 2:39pm

Test environment:

win7 64 位系统

Win7 64 bit system

autoruns版本13.71

AutoRuns version 13.71

uploads/52166/17945.png
uploads/52166/17946.png
uploads/52166/17947.png
uploads/52166/17949.png
uploads/52166/17950.png
uploads/52166/17951.png
uploads/52166/17952.png
 
64-bit Autoruns There are many path errors, no longer examples.

Autoruns : 64-bit Autoruns properties path err

May 18, 2017, 7:45 am
$
0
0
Author: freesoft00
Subject: 64-bit Autoruns properties path err
Posted: 18 May 2017 at 2:45pm

 
 
 
 
 
 

Autoruns : 64-bit Autoruns properties path err

May 18, 2017, 7:54 am
$
0
0
Author: freesoft00
Subject: 64-bit Autoruns properties path err
Posted: 18 May 2017 at 2:54pm

The picture is not clear when uploaded to the forum.

在云盘上上传了清晰图片。

Clear pictures are uploaded on the cloud disk.
 


Edited by freesoft00 - 1 hour 4 minutes ago at 2:56pm

Process Explorer : Version 16.21.0.0 question

May 18, 2017, 9:19 am
$
0
0
Author: SeattleRain
Subject: Version 16.21.0.0 question
Posted: 18 May 2017 at 4:19pm

Thanks for the heads up!

Process Explorer : Empty AppDomains pane in .Net Performance tab

May 18, 2017, 9:20 am
$
0
0
Author: SaintNick
Subject: Empty AppDomains pane in .Net Performance tab
Posted: 18 May 2017 at 4:20pm

All versions of the past few years I have used, up unto current 16.21, will for a 64-bit 5GB w3wp.exe correctly list the AppDomains on the [.Net Assemblies] tab, but on the [.Net Perfomance] tab the top AppDomains pane is empty. It will however display the performance counters and values in the pane below, but the values it gives for all the GC's are not correct (always 0 or 1).

Am I missing something? Or is this a bug?

Process Monitor : .dll's get SetBasicInformation file called on it?

May 18, 2017, 6:27 pm
$
0
0
Author: dfatsi
Subject: .dll's get SetBasicInformation file called on it?
Posted: 19 May 2017 at 1:27am

Process Monitor shows a bunch of DLL's(user32.dll, ntdll, wow64.dll, etc.. etc..) that have SetBasicInformationFile on it with the times all set to -1.   I thought that was only used when you don't want the times updated for writing, or are they just setting -1 for everything but only wanted it for LastAccessTime ?

Search

Troubleshooting : High CPU interrupts

May 18, 2017, 11:57 pm
$
0
0
Author: harrylane
Subject: High CPU interrupts
Posted: 19 May 2017 at 6:57am

Hi! 

I'm getting bad performance on one of my servers and it's behavior is high CPU interrupts. Sometimes process explorer shows allocation on interrupts to 80% of cpu capacity. The server is running an application named Qlikview which process is very intensive. 

The strange thing is that the server can behave normal during periods of weeks and days but suddenly start with high CPU interrups. The only way to get rid of high cpu interrupts it is to restart the server. I have no idea whats causing this.

I record some data with WER during this state and it points to ntoskrnl.exe. One shows weight on qvb.exe and another to idle.  See screenshots below.

Ran the command xperf.exe" -on PROC_THREAD+LOADER+PROFILE+INTERRUPT+DPC+DISPATCHER+CSwitch -stackwalk Profile+CSwitch+ReadyThread -buffersize 1024 -MaxFile 1024 -FileMode Circular && timeout -1 && "C:\Program Files (x86)\Windows Kits\10\Windows Performance Toolkit\xperf.exe" -d DPCISR.etl

Here's the output.  https://pastebin.com/vkhDpGhK

Any ideas? Thanks!

/Harry

Troubleshooting : OST to PST Converter

May 19, 2017, 4:37 am
$
0
0
Author: leelan
Subject: OST to PST Converter
Posted: 19 May 2017 at 11:37am

OST to PST Converter tool is a useful utilitythat is able to perform to recovery/conversion of OST Email file into PST file,while maintaining the structure during the conversion process. This software iscapable to convert unlimited OST Emails into create healthy PST file data.

Read More : http://www.bulkecommerce.com/product/ats-ost-to-pst-converter-software/159

Miscellaneous Utilities : ProcDump bug

May 19, 2017, 4:58 am
$
0
0
Author: cogumel0
Subject: ProcDump bug
Posted: 19 May 2017 at 11:58am

As described in this MSDN blog https://blogs.msdn.microsoft.com/granth/2012/07/02/how-to-take-a-memory-dump-of-an-asp-net-application-pool-quickly/ , capturing a crash dump of an IIS ASP.NET process can, in some instances, cause IIS to restart the process before the capture is complete, due to the process being suspended during the capture.

Also according to that blog, the parameter -r should be used, which tells ProcDump to create a clone of the process to create the dump for (focusing on Win8.1 and higher, using PssCaptureSnapshot API).

After some tests, it seems like there might be a bug here. Some processes cannot be cloned using PssCaptureSnapshot (API returns Access Denied). When attempting to clone and subsequently dump a process that cannot be cloned, ProcDump appears to simply ignore the clone flag and still create a dump of the "main" process. There is no visible indication that no clone was made, it just silently carries on with the dump without ever telling the user that capturing a dump straight out of the "main" process.

The reason for the clone is exactly to prevent the "main" process being suspended for a long period of time. To simply continue with the dump when it can't create a clone without telling the user anything or offering a parameter to counter this functionality is a massive problem imho with very real consequences.

I know a brand new version of ProcDump was released just two days ago where improvements where made to scenarios where one might want to perform a dump to IIS ASP.NET processes, but afaik it still does nothing to address this situation and my understanding is that using a clone is always better with things like IIS ASP.NET.

My understanding is that the additions to the new version of ProcDump bring absolutely no advantages when using clones, that these additions are only useful when *not* using clones.

In short, I think it's a bug that a dump of the "main" process is created when the user specifies that he'd like to use clones, even when it fails to create one. At the very least this should be documented with an optional parameter to tell ProcDump *not* to continue in case the clone dumps. In a perfect world the user would be asked what to do after it attempts to create a clone and fails.

Miscellaneous Utilities : ProcDump bug

May 19, 2017, 5:05 am
$
0
0
Author: cogumel0
Subject: ProcDump bug
Posted: 19 May 2017 at 12:05pm

Umm... ok... I *thought* I had tested the latest version and that it was still reacting the same, turns out I was running the old version.

On the new version, it properly throws an error: 

[14:02:55] Dump 1 error: Error writing dump file: 0x80070006
The handle is invalid. (0x80070006, -2147024890)

That being said, the actual error is Access Denied on the PssCreateSnapshot call, so it feels like it's reporting the wrong error and that this message could be made more user friendly.

Process Explorer : How do I "Set Priority" permanently?

May 19, 2017, 6:23 am
$
0
0
Author: gwt10
Subject: How do I "Set Priority" permanently?
Posted: 19 May 2017 at 1:23pm

No answer? 

Is this possible with Process Explorer?  Or should I look at something else?

Any help would be most appreciated.  Thanks

PsTools : psexec and wuauclt

May 19, 2017, 11:11 am
$
0
0
Author: arch0nmyc0n
Subject: psexec and wuauclt
Posted: 19 May 2017 at 6:11pm

Not too sure if anyone can help.
Windows 7 Enterprise SP1
I'm just trying to remotely run wuauclt so I run:
 
PSEXEC \\computername c:\windows\system32\wuauclt.exe /detectnow
I see it running on the machine next to me and return code 0
 
PSEXEC \\computername c:\windows\system32\wuauclt.exe /reportnow
return code 0 (and it's immediately updated in the WSUS MMC)
 
PSEXEC \\computername c:\windows\system32\wuauclt.exe /updatenow
gets return code -2147024891 and nothing happens.
 
So I think maybe the parameter maybe changed or doesn't exist so I run it on the computer myself and it immediately begins installing the 1 update pending. I've tried this several times and it just doesn't seem to want to work. I've tried looking around and while this may not be a PSEXEC issue, I'm hoping someone might be able to tell me wth -2147024891 means...

Process Explorer : How do I "Set Priority" permanently?

May 19, 2017, 7:25 pm
$
0
0
Author: LMiller7
Subject: How do I "Set Priority" permanently?
Posted: 20 May 2017 at 2:25am

Process Explorer cannot set priority permanently.

Note that setting priority does not influence how much memory is allocated to a process. That is not user controllable.
Search

Process Explorer : procexp64 → Menu → Show Details For All Proces

May 20, 2017, 6:45 am
$
0
0
Author: VEG
Subject: procexp64 → Menu → Show Details For All Proces
Posted: 20 May 2017 at 1:45pm

procexp64 → menu File → "Show Details For All Processes" runs procexp.exe, not procexp64.exe. I know that procexp.exe runs procexp64.exe, but in the result I have two processes in memory (procexp.exe and procexp64.exe) instead of one. It is definitely a bug.

It is better to get a filename of current process and run it with admin rights. It is not ok to hardcode the name of an executable file.

Process Explorer : How do I "Set Priority" permanently?

May 20, 2017, 11:19 am
$
0
0
Author: gwt10
Subject: How do I "Set Priority" permanently?
Posted: 20 May 2017 at 6:19pm

Thanks for the response.  I notice my trackpad behaves better when I'm able to set the priority higher  Even if it's only temporary.

If Process Explorer can't set this on a permanent basis, is there anything out there that will?

Autoruns : [BUG] Crash when deleting disabled entries

May 21, 2017, 2:53 am

Autoruns : disable mrxsmb10

May 21, 2017, 2:55 am

Miscellaneous Utilities : handle.exe/handle64.exe: SetThreadErrorMode error

May 21, 2017, 2:58 am
Viewing all 10386 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>