1. Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

SysInternals software users: Updates, & new site @ Microsoft Technet 4 them

Discussion in 'General Software' started by Alec§taar, Nov 9, 2006.

  1. Alec§taar New Member

    Joined:
    May 15, 2006
    Messages:
    4,677 (1.57/day)
    Thanks Received:
    94
    Location:
    Someone who's going to find NewTekie1 and teach hi
    See my subject-line/title for this thread above, & this URL:

    http://www.microsoft.com/technet/sysinternals/default.mspx

    :)

    * If you use their softwares & find them useful? You may wish to spend some time downloading their programs again...

    (Many have been updated since they were purchased by Microsoft, so have @ the updated tools! I wouldn't say most have had "major" upgrades done to them, maybe only putting the MS name into them in some cases only, but nevertheless, they've been updated!)

    * PLUS, A "new program" from them is out now, called "Process Monitor"...

    (This new one does the job of BOTH regmon & filemon is in them now, & it's probably one you will wish to have instead of those 2 from which it is derived!)

    APK
  2. Jimmy 2004

    Jimmy 2004 New Member

    Joined:
    Jan 15, 2005
    Messages:
    5,491 (1.58/day)
    Thanks Received:
    267
    Location:
    England
    Read this on tweakguides the other day but didn't realise the software was actually any different, just that it was bundled for M$ now... I'll have to take a look.
  3. Alec§taar New Member

    Joined:
    May 15, 2006
    Messages:
    4,677 (1.57/day)
    Thanks Received:
    94
    Location:
    Someone who's going to find NewTekie1 and teach hi
    I mention that myself above, that some may ONLY have new "Microsoft" TM's & such applied & only bear "point release" model updates...

    Still, there are new models too, such as the "Process Monitor" (combines the functions of regmon & filemon into 1 app now).

    DO THAT! I say that, because some MAY be more than "embedding MS trademarks" into them...

    Example of 1 I KNOW needed an update to get it "right/perfect", or @ least it used to, because I found a "hardcode" in it a few years ago... one hardcode was corrected, the other 3 not though last time I checked!

    The program in question?

    Pagedefrag.exe, it needed an update last time I checked!

    I helped Dr. Russinovich make 1 alteration to it back @ the end of 2002, pointing out to him that folks move their pagefile.sys to 2nd HDD's (other than C:\ base system drive) to gain performance...

    He concluded it was a GOOD move that my advice was about, & fixed that per my request & noting to him WHY it needed doing, & where in his code + what "NtNativeAPI" calls would be needed/used for this, since the program partially operates in that mode (prior to Windows bootup, like ExecutiveSoftware &/or Raxco PerfectDisk BootTime defraggers work & when).

    BUT, the same principal exists for the EventLogs as well, simply because they ARE 'moveable' also, just like pagefile.sys locations are, albeit via manual registry hacking (no GUI for it afaik)!

    You can do that right here in the registry in their FILE entry data area (once you get to these paths in the left-hand side pane of regedit.exe, look @ the FILE value in the right-hand side pane):

    ========================

    SYSTEM EVENTLOG:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\System

    -------------------------------

    APPLICATION EVENTLOG:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application

    -------------------------------

    SECURITY EVENTLOG:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Security

    ========================

    * I'm (for instance/example) a person that moves those to my solid-state disk here (also for speed of seek/access to them), so they don't frag themselves or other files around them on disk, & also so that my C:\ main OS & programs disk so it is NOT 'burdened' by read/writes to those log files...

    Same idea as moving your pagefile.sys!

    APK

    P.S.=> I wonder if he fixed that in that particular program, or not... it does need doing, the removal of hardcodes to the EVENTLOGS (3 of the default ones in SYSTEM, APPLICATION, & SECURITY ones, but also others that ARE POSSIBLE, such as when you add serverclass wares to NT-based OS' like DNS etc. which also may form logs in the EventViewer) in its code.

    (Again: For EXACTLY the same reasons he fixed it up before per my advice, regarding pagefile.sys placement identification NOT being "hardcoded" into that app also)... apk
    Last edited: Nov 11, 2006
  4. Alec§taar New Member

    Joined:
    May 15, 2006
    Messages:
    4,677 (1.57/day)
    Thanks Received:
    94
    Location:
    Someone who's going to find NewTekie1 and teach hi
    ^
    |

    "up, Up, UP!!!"

    :)

    * For interested users of this software...

    APK
  5. Slater Guest

    I couldnt believe it when they were taken by Microsoft.

    I'm afraid of using some of thoseprograms now...

    Like the SDelete, can I really trust is securely deletes files? Maybe it sends them to Microsoft....

    Know aht I'm saying?
  6. Urlyin

    Urlyin Senior Moderator

    Joined:
    Aug 17, 2004
    Messages:
    2,337 (0.65/day)
    Thanks Received:
    125
    Man that's to bad they have been Assimilated ... use Winternals Adminstrator alot.. I hope they continue to provide some of the tools as they have always been available for DL and not rolled up into Resource kits ... :slap: thanks for the update Alex :)
  7. Jimmy 2004

    Jimmy 2004 New Member

    Joined:
    Jan 15, 2005
    Messages:
    5,491 (1.58/day)
    Thanks Received:
    267
    Location:
    England
    Well M$ have kept them free for now so get them while you can.

Currently Active Users Viewing This Thread: 1 (0 members and 1 guest)

Share This Page