If you're new here, you may want to subscribe to my RSS feed. Thanks for visiting!

In the past year alone, I’ve had four near-fatal drive failures, each on a different system. To alleviate some of the pain associated with recovering from these kinds of problems, I’ve been working on building a self-contained, multiboot rescue CD that I can use to bring up a crippled system and perform emergency surgery.

This includes tasks such as repairing a broken partition table, cloning a failing drive to a new disk before the old one dies completely, or simply changing a corrupted file that is preventing the operating system from booting.

There are actually a number of options for building these kinds of things, depending on what you are trying to do. If you just want to fix up a Windows installation, you can use the Windows XP Recovery Console and a boot CD to bring a crippled system far enough along to do rudimentary repair work. (Fred Langa shows how to turn the recovery console into a functional command-line interface in this article. )

If you want something more than that and are willing to invest some sweat equity, you can put together a relatively full-featured Windows-based graphical repair environment by using Bart PE or one of its derivatives. (Fred talks about Bart PE in this article.)

There are also several different Linux-based recovery CD images that are useful for repairing a variety of problems. SystemRescueCD and Recovery Is Possible are two distributions that are designed for general system recovery. Most of the general purpose Linux distributions also provide a recovery image that is specifically optimized for fixing their own installations too.

Another option here is to use plain old DOS as the basis for a recovery CD. As with the other platforms, there are a couple of pre-made recovery toolkits that you can use for this, such as Ultimate Boot CD and 911 Rescue CD, but it’s also pretty simple to build your own.

If you want a single recovery CD that can be used to address the widest array of problems, you’ll probably need to incorporate Linux, Windows XP, and DOS into your build. For example, most of the hardware management tools use DOS as a boot loader, but recovering from system configuration errors often requires full access to the underlying file systems, which typically means booting up a thinned-down version of the installed operating system.

In my case, I chose to put the emphasis on DOS, while also using bootable images of Windows XP and Linux for those times when the DOS tools are insufficient. The reasons? DOS boots faster than any of the other operating systems, meaning that I can get into a busted system quicker. Also, since DOS relies on the system BIOS for most of its device support, I usually need to load only a couple of drivers, and those will easily fit on a floppy boot image, which can’t be said for any of the other platforms. The complete lack of any kind of system security is another benefit, since I don’t have to worry about passwords or file system privileges.

On the other side of the coin, however, working with DOS leads to the unavoidable and unmistakable realization that you are essentially working with abandonware; the operating system is dead for all practical purposes, and the number of available tools is continually diminishing. Access to modern hardware devices can also be tricky, network services are practically non-existent, and even if you get everything working memory management is absolutely miserable.

But despite the shortcomings, the benefits to using DOS for recovery purposes still outweigh the negatives, and for some things it’s downright mandatory. Having said that, if there were a better alternative, I would be running toward it.

Continued at source

My favorite free operating software utilities come from Sysinternals. I just noticed on a blog post by the companies founders that they have been bought by Microsoft. I have mixed feelings about this news as I am a big fan of the software and the free-ness of it and am not sure what will happen to it in the hands of Microsoft.

On the plus side of this transaction is the fact that the creators of these great utilities will not be working directly for Microsoft so they should be able to have influence in keeping the code tight and features to admins rich. But on the bad side we will probably not see any new utilities from Sysinternals and with Vista coming who knows how well the apps will continue to work.

If you have not browsed through already you should not take a look at these free, mostly command line, utilities from Sysinternals and grab what you need. These are fantastic products that have saved me countless hours in diagnosing and troubleshooting Microsoft Windows machines both at the workstation and server level.

Windows Fundamentals for Legacy PCs (WinFLP) is a thin-client operating system from Microsoft. It was originally announced with a codename of Eiger and Mönch in mid-2005, and was released on the 8th of July 2006.

Microsoft’s intent is to provide a thin-client operating system that will provide basic computing services on older hardware, while retaining much of the modern core technology in Windows XP Service Pack 2, such as Windows Firewall, Group Policy, Automatic Updates, and other management services. Users would typically make use of line-of-business applications that are hosted on a remote server using Remote Desktop. This version of Windows will not support wireless networks, dial-up, or VPN connections, but it will support operating as a diskless workstation and remote booting.

WinFLP is not intended to be a general-purpose operating system, and as such will not be made available through retail or OEM channels. Microsoft sees WinFLP as an inexpensive upgrade option for corporations that have a number of Windows 9x computers, but won’t invest in new hardware to support a full operating system. It is available to Software Assurance customers.

Just like previous Microsoft Windows codenames, Whistler and Blackcomb, Eiger and Mönch are mountains. Whistler and Blackcomb are in British Columbia, Eiger and Mönch in Switzerland.

Minimum System Requirements

• 64MB RAM (128MB Recommended)


• Pentium class processor


• 500 MB HDD (1GB recommended)


• 800×600 screen resolution or higher


• Network Interface Card

Microsoft was hit this week with a lawsuit claiming that its anti-piracy software is, in fact, spyware, but called the action “baseless” and defended how it installs Windows Genuine Advantage validation and notification tools.

The lawsuit, which was filed Wednesday by Brian Johnson of Los Angeles in a Seattle federal court, asked for class-action status on claims that Microsoft’s WGA software mislead users as to its true purpose, failed to obtain consent before installing, and transmitted data to the Redmond, Wash. company’s servers.

“Microsoft’s actions violated state consumer protection and anti-spyware statues,” read the complaint. The papers cite California and Washington state laws that Microsoft has allegedly broken, including ones on the books in both states which define and ban spyware.

WGA, which just moved out of a pilot program in the U.S. and several other countries to take a permanent role in combating piracy, consists of two tools downloaded to users’ machines: one, dubbed Validation, checks for a legitimate copy of Windows XP, while the second, called Notification, displays on-screen warnings until the user ditches the counterfeit copy.
Read the rest of this entry »

Have you used either Regmon or Filemon before? These are a couple of great products at the Sysinternals site that allow you to see and save in real time what is going on on a PC.

The job of Regmon is to help you see exactly what registry keys are being accessed by applications. As you can imagine some files will access very many registry keys and when you allow the application to run it will spit out thousands of lines of data very quickly. There is no other way that I know of in Windows to get this kind of information.

After you unzip and run regmon you will get the following window.

When you launch Regmon it quickly starts scrolling down with all of the registry keys being accessed. On the toolbar for the program there are some buttons that will definitely help you make sense of this.

The magnifying glass will allow you to toggle the capturing or not capturing of the registry keys accessed, the scrolling will allow the info to scroll by and the next button over will clear what is in the results. The best way that I have found to use Regmon is to start it and let it run and then stop the capturing and right click on keys that you do not care about, maybe antivirus or other ones that are clogging your display and then clear the results and start the capture again until you get to the point that here is not much running through. After the program is going well for you you can launch the application that you are having trouble with and see what is a problem if anything. It does not take long to find a problem that you are looking for once you get used to the application and do not worry about all of those file not found lines, usually I mostly try to narrow problems down to access denied where the “user” running the application odes not have rights to that registry key

Filemon is very similar to Regmon in the way that it works. You will get a similar, very fast running of all of the files being accessed and this infomration is sometimes very hard to sift through.

After you have executed Filemon you can use its toolbar to stop, scroll or clear the items on the screen.

Just as you do with Regmon it is important to pause, start right clicking on those unneccesary processes that you do not want to follow and selecting exclude, and to clear and then resume the display again.

The nice thing about Filemon and Regmon is that they are very small programs that can fit on your troubleshooting CD and are standalone, they have no dependencies on other applications. One other very great thing is that both of these programs are free.

One tip that may help you as well with both of these applications is that if you are running them and having trouble sifting through the infromation you can stop the capture, save the file as a .log file and then open the log file in Excel as a comma or tab delimited file and use the autofilter to find what you are looking for.

One drawback to using Filemon and Regmon is that the first few times that you use either program it will seem daunting because of the huge amounts of information that you are presented with, but, after you understand the interface and after you have a little experience using both Filemon and Regmon you will have a much better way of troubleshooting previously unresearchable problems. I have used both of these programs extensively in the past to find where programs have failed and have had great success in eventually diagnosing a problem and then implementing a fix.

Today in using my MSN Messenger at work I noticed that there were a couple people with the new Windows MSN Live messenger. I had to check it out. I remember back when I stopped using ICQ because it was so bloated and it was aa 4 megs download. This new Messenger download was just over 15 megs.

The MSN Messenger interface is a little better and it added a link to Outlook that tries to find Messenger contacts from all of the hotmail addresses in your Outlook but the neatest feature is a shared flofer. You can setup a folder so that you can share out files to infividuals that you are in cintact with and the interface for it is pretty slick.

Watch out Google. It looks liek Microsoft may be biting at your ass.

I used to hear that it was a good idea to defragment your hard drive in safe mode as it would be able to defragment more of the drive. I just did a defrag and decided to check on this and there is not much that is not defragged so I would not worry about it. Here is what Microsoft has to say about defragging as well as info on the Master File Table :

The following files are permanently excluded from being defragmented. These files may be displayed in the analysis report as still being fragmented no matter how many times you defragment the drive.

Moving the following file can cause desktop problems, if the Recycle Bin or the Recycler folders are removed:
%SystemRoot%\ShellIconCache
Moving the following files (if present) can cause desktop problems:
Safeboot.fs
Safeboot.csv
Safeboot.rsv
Bootsec.doc
The following files are unmoveable system files. They are always displayed in green in the defragment analysis display:
• NTFS Master File Table (MFT) and Reserved MFT Zone: Usually contiguous at the very beginning of a NTFS volume but can become fragmented if many files and folders are added to a volume.
• NTFS Master File table Mirror (MFTMirr): Usually located in the middle of a volume and is already contiguous.
• Virtual Memory Paging file: Used for temporarily swapping pages of memory to disk.

Adjusting the MFT
Although you cannot defragment the MFT once it becomes fragmented using the Disk Defragmenter, there is a way of preventing MFT fragmentation, or at least reducing the possibility of it becoming fragmented by reserving space for it ahead of time.

To determine how large the MFT is, how many fragments there are, and what percentage of the MFT is in use on an NTFS volume, perform a Disk Defragmenter analyze operation to generate a report. View the report and look for the following section under Volume Information:
Master File Table (MFT) fragmentation.

Use this information along with the following article in the Microsoft Knowledge Base to adjust the NtfsMftZoneReservation value, back up and reformat the volume to create a contiguous MFT using the higher zone reservation space, and then perform a full volume restore:
174619 (http://support.microsoft.com/kb/174619/EN-US/)

.

If you are not already aware Citrix metaframe allows a users to run applications remotely. A server can reside in one place and users can access applications on that Citrix server from anywhere on the network using an easily downloadable Citrix client or a java client that is packaged with the Citrix Metaframe server. This is definitely an advantage for most organizations as it simplifies versioning of applications as well as troubleshooting of apps as the only problem is usually on the server side not the client side.

Last year when i was trying to learn more about Citrix Metaframe servers I ran into lots of info that I compiled into a list for how to optimize metaframe servers. Here is a document with 163 metaframe server optimization fixes for you. Hope this helps in troubleshooting and making sure that your Citrix Metaframe network is as good as it can be.
Read the rest of this entry »

A little application. The Dell De-Crapifier…is an app that allows you to get rid of all of the preloaded, unneeded, trial software that gets loaded on your new Dell desktop or laptop before it leaves the factory

If you use MSN Messenger to keep conversations online that this post is for you. I used Messenger Plus a few years ago and man a lot has changed.

Messenger Plus! | Download.

Go there now and try out lots of new features for Messenger like floating Windwos for any users you do a lot of IM with, logging of messages, encryption, a way to stop the boss from seeing your messenger windows with a keyboard shortcut . And many more features.