Posted by William Diaz on October 28, 2011
While doing some troubleshooting on a workstation one evening, I wanted to run Process Monitor but encountered the following error: “Procmon was unable to allocate sufficient memory to run. Try increasing the size of your page file.”
As seen here, the available memory and page file size were sufficient:
Read the rest of this entry »
Posted in Uncategorized | Tagged: Process Monitor | 1 Comment »
Posted by William Diaz on October 14, 2011
Our Production ISAs’ have an added cloud-based layer of security to protect our network from malicious web content. Every now and then, though, we run into false-positives. Some of these are:
Intentionally Corrupts Downloads
The Case Of The Corrupt Download & The Case of the Zip File That Wouldn’t Open
Stops web pages from loading by preventing the execution of legitimate scripts: Read the rest of this entry »
Posted in Troubleshooting | Tagged: IE, Networking, Security | Leave a Comment »
Posted by William Diaz on October 14, 2011
Sometimes Microsoft applications do a a good job at identifying the problem module when they crash. For example, in the Windows Vista/7 OS IE crashes with “Internet Explorer has stopped working”. Simply click the Details chevron to and look at the Fault Module Name:
Read the rest of this entry »
Posted in Troubleshooting | Tagged: Crash, Hang, IE, Word | Leave a Comment »
Posted by William Diaz on October 12, 2011
In technical support, there is a common knee-jerk reaction when something doesn’t work in Microsoft Office: run a repair of the product or reinstall it. My colleagues have probably spent several hours combined going through this step countless times. Often (often is 99% of time) this fails to resolve whatever issue they are encountering. Over the course of a few years of troubleshooting Office, a repair has only corrected an issue once ( or maybe twice). In our case, it’s the nature of the custom environment that is chock-full-o-add-ins. Other times it is some weird, unexplained element of a document, spreadsheet, or whatever that just doesn’t want to work. Those can be rather complex to figure out sometimes.
That being said, sometimes repairing MS Office fixes issues in areas you might not otherwise think. For example, I recently setup a small document library in SharePoint, but while trying to edit the files from Internet Explorer some of the tech workstations were reporting the following error: “Windows Internet Explorer – ‘Edit Document’ requires a Windows SharePoint Services-compatible application and Microsoft Internet Explorer 6.0 or greater.”
Read the rest of this entry »
Posted in Office, Troubleshooting Tools | Tagged: Internet Explorer, Office, Process Monitor | Leave a Comment »
Posted by William Diaz on October 5, 2011
Sometimes a BSOD is not a sign of a software issue but instead points to a hardware problem and might help explain the symptoms of bad system performance. That was the case recently when a user complained that she was having troubles trying to logon. The workstation was amazingly slow (can slow be amazing?) and then blue-screened on her randomly. My co-worker was handling this but he happens to sit right next to me and I jumped in when I heard the words “blue screen”. I unkindly interjected with “Lets get a minidump.” While he chatted her up, I went about getting her IP, connected via the UNC, went into C:\Windows\Minidump and grabbed the last two mini dumps for that day.
Minidumps excite me. To understand why, you need to have come across a great amount of support calls that usually end up trumping first tier technical support. Often times, these issues are too vague to narrow down if you don’t know how to handle a BSOD, and the incident remains open longer than it needs because it can’t be explained or reproduced immediately. The mini dump provides a means to sometimes quickly resolve what might otherwise become an unexplained system problem.
Minidumps are small, too. Between 64 and 256KB, they only record the smallest set of useful information that could help identify why the system stopped unexpectedly so there would be no problem copying from over a WAN. Once copied over to my workstation, I opened with WinDbg, clicked the !analyze -v hyper command. Both dumps produced identical results: Read the rest of this entry »
Posted in Troubleshooting | Tagged: BSOD, Crash, Dump, Hardware, WinDbg | Leave a Comment »
Posted by William Diaz on October 5, 2011
I recently needed to look into the Group Policy tab in Active Directory Users and Computer from my Win7 workstation but it wasn’t there. Normally, I switch to my XP workstation (cause I have been to lazy to explore this missing tab … until now). With Windows 7 and Server 2008, the GP tab can only be accessed from the Group Policy Management Console. You will need to install the Remote Server Administration Tools for Windows 7 with Service Pack 1 (SP1) to access this console on a Windows 7 PC. Afterwards, enable GPMC from the Control Panel > Turn Windows features on or off > Remote Server Administration Tools > Feature Administration Tools > Group Policy Management Tools.
You can then open the Group Policy Management Console from an mmc or running gpmc.msc. Tip: add both ADUC and GPMC to the same MMC.
Posted in Uncategorized | Tagged: Windows 7 | 1 Comment »
Posted by William Diaz on October 3, 2011
A few years ago I started to see several complaints of Internet Explorer crashing in the course of a couple months. The error was one of the rather vague exception messages thrown at the time of the crash and didn’t allude to anything obvious. Tired of not being able to explain through any of the conventional troubleshooting methods, I did a little research into advanced troubleshooting techniques and came across the Windows XP default debugger, Dr. Watson. Sure it sounds a little cheesy but this is actually a helpful little gem that has assisted me in resolving many cases of unexplained application crashes. And even though Microsoft has done away with drwtsn32.exe in all Windows operating systems after XP, the majority of small and large enterprises are still using XP, which means it should be one of core tools of any Windows XP troubleshooting guru. You’ll also see how, despite Microsoft moving to WER, Dr. Watson can still be leveraged by the Windows Vista/7 OS (just for the hell of it).
To use Dr. Watson, you don’t need to do anything. By default, it is the default Windows XP debugger. When an application experiences a exception of sorts that leads to a crash, ideally it is designed to dump that process and create two files, a plain text drwtsn32.log and a dump file named user.dmp, the latter which requires WinDbg to open and analyze. If you are not sure if Dr. Watson is the default debugger, you can run drwtsn32.exe –i to make it the default. You can also confirm by going to HKLM\Software\Microsoft\Windows NT\CurrentVersion\AeDebug and looking in the Debugger string for drwtsn32 -p %ld -e %ld –g:
Read the rest of this entry »
Posted in Troubleshooting, Troubleshooting Tools, Uncategorized | Tagged: Debugging, Dr Watson, Dump | Leave a Comment »
Posted by William Diaz on October 1, 2011
I don’t trust uninstallers. They always tend to leave something behind. Every now and then one of these orphaned components still ends up not playing well with some other application or the OS, resulting in crashing user-mode apps or the kernel. A good example of this was a previous post where I was experiencing a BSOD when running Process Monitor (read about it here) after installing a Microsoft application.
So, we have a workstation that is about to be sent off to be re-imaged because iLinc, a web conferencing application, is crashing when the user tries to join a session. I intervene because I hate to see these issue written off as unexplained. Who knows, the system gets re-imaged, the user installs some application again and the problem repeats itself (which it would have been the case here).
It happened that Dr. Watson, the Windows XP post-mortem default debugger, was capturing the user-mode crash so I jumped in without hesitation:
Read the rest of this entry »
Posted in Troubleshooting | Tagged: Autoruns, Dr Watson, Dump, Process Monitor, WinDbg | Leave a Comment »
Windows Explored 