The Case of the Reverting Office Theme (resolved with a long-running Procmon trace)

Several times a day, all my Office apps kept reverting to the default “Colorful” theme, even though I had set it to the “White” theme. I prefer the “White” theme because I customize the Quick Access Toolbar in my Office apps with extra icons. Those icons have colors, and the oddly-misnamed “Colorful” theme renders them…

0

Troubleshooting with the Windows Sysinternals Tools – now available!

Over three years ago, I announced that Mark Russinovich and I had signed a contract with Microsoft Press to write the Second Edition of the Windows Sysinternals Administrator’s Reference. I figured it would take a year to finish it. I underestimated. 🙂 But Mark and I are happy that we can finally tell you that Troubleshooting with the…

1

The Case of the App Install Recorder

Adapted from the forthcoming book, Troubleshooting with the Windows® Sysinternals Tools, by Mark E. Russinovich and Aaron Margosis. A customer had nearly a dozen software packages that wouldn’t install on Windows 7 x64. Every installation program failed immediately with an error message like the one shown in the screenshot below. However, they all installed successfully…

14

Sysinternals at TechEd US 2014: LIVE

Sorry for the late notice, but I just saw this: Sysinternals Primer: TechEd 2014 Edition will be airing live on Channel 9 starting at 5pm Central Daylight Time today.  (That’s in just over 4 hours from now as I write this.) Not sure about the link – try either https://channel9.msdn.com/Events or https://channel9.msdn.com/Events/TechEd/NorthAmerica/2014/DCIM-B340 [Update 5 September 2014: …

8

Sysinternals at TechEd US 2014

I’ll be presenting “TWC: Sysinternals Primer: TechEd 2014 Edition” in Houston, Tuesday, May 13, 2014, 5:00pm-6:15pm US Central Time.  Lots of cool stuff, including the “App Install Recorder” (I will post the scripts on this blog); great new features that Mark Russinovich has added to AccessChk, SigCheck, Process Explorer, and how you can use them proactively to…

2

I’ll be on Defrag Tools (Channel 9)

Earlier today I finally got the chance to go into the studio to appear on the “Defrag Tools” show on Channel 9.  We talked about the upcoming Sysinternals book I’m writing with Mark Russinovich, and demonstrated a very cool “App Install Recorder” built with Process Monitor and some PowerShell scripts. The episode will go live next Monday,…

6

Speaking at Washington DC IT Pro Camp, Sat. Feb. 22, 2014

Microsoft is pleased to announce the first Washington DC IT Pro Camp on Saturday, February 22 2014 from 8:00 am to 5:00 pm at Microsoft Training Center 5404 Wisconsin Ave, Suite 700 Chevy Chase, Maryland 20815 Parking and admittance to this event is free. Lunch will  provided. Please Register soon and let friends and colleagues know about this…

0

Redefining what "Never doing that again" means… Troubleshooting with the Windows Sysinternals Tools, Second Edition

When people asked me what it was like writing a book, I’d invariably answer, “It was a once in a lifetime experience.  I hope.”  When they asked, “Are you going to write another one?” my answer was always, “No.”  (Actually, my answer was more emphatic than that, but this professional blog site’s policies don’t permit me…

8

VirtMemTest: a utility to exercise memory and other operations

I wrote the first versions of VirtMemTest while working on the Windows Sysinternals Administrator’s Reference.  The utility made it easy for me to perform a variety of memory operations and to observe how different Sysinternals utilities reacted to them.  I eventually added CPU-stress capabilities, hung UI simulation, and crash-on-exit, particularly for exercising ProcDump.  I have…

3

Sysinternals – and Pass the Hash – at TechEd next week.

There are five talks highlighting the Sysinternals utilities at TechEd North America next week in New Orleans.  They all happen to be on Thursday, June 6.  Click the session titles for more information.  The videos should be on Channel 9 within 24 hours of the talks. Hardcore Debugging Andrew RichardsJune 6, 2013 from 10:15AM to…

1