|
Log Files for Windows XP |
| Windows Cannot Open Windows XP .blg Log Files | |
| How to Delete Corrupt Event Viewer Log Files | |
| Dump Event Log for Windows XP | |
| System Restore: Description and Functionality of Srdiag.exe | |
| Boot Logging the Startup Process in Windows XP | |
|
To Delete Log Files Used for Troubleshooting in Windows XP |
|
| WMI Event Trace Does Not Contain CID or Client Computer Name | |
| HOW TO: Create and Configure Performance Monitor Trace Logs | |
| Log the Success and Failure of Key Application Events in Windows XP | |
| Gathering Blue Screen Information After Memory Dump | |
| How to Use Dumpchk.exe to Check a Memory Dump File | |
| Reading Small Memory Dump Files Created by Windows | |
| HOW TO: Configure Recovery Techniques in Windows XP |
Memory Dump Regedits
Specify the Small Memory Dump Directory
This setting is used to specify the location of the small dump directory which
stores a small set of useful information when a system stops unexpectedly. Open
your registry and find the key below. You may need to create the key if it does
not already exist.
Create a new Expanded String value, or modify the existing value, called 'MinidumpDir'
and edit the value according to the settings below.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\
CrashControl]
Value Name: MinidumpDir
Data Type: REG_EXPAND_SZ (Expanded String Value)
Exit your registry, you may need to restart or log out of Windows for the change
to take effect.
Specify the System Crash Dump File Location
This tweak is used to specify the location where the dump file should be written
after a system crash.
Open your registry and find the key below. You may need to create the key if it
does not already exist.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\
CrashControl]
Value Name: DumpFile
Data Type: REG_EXPAND_SZ (Expanded String Value)
Value Data: File Location
Create a new Expanded String value, or modify the existing value, called 'DumpFile'
and edit the value according to the settings below.
Exit your registry, you may need to restart or log out of Windows for the change
to take effect.
Control the Dump Creation Method
This tweak controls whether the system should create a new dump file and
overwrite the existing file or whether it should append data to the old dump
file when a system crash occurs.
Open your registry and find the key below. You may need to create the key if it
does not already exist. Create a new DWORD value, or modify the existing value,
called 'Overwrite' and edit the value according to the settings below.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\
CrashControl]
Value Name: Overwrite
Data Type: REG_DWORD (DWORD Value)
Value Data: (0 = append, 1 = overwrite)
Exit your registry, you may need to restart or log out of Windows for the change
to take effect.
Control Whether Windows Logs a System Crash
This setting controls whether Windows logs a system crash to the event log, this
will allow the exact time of the crash to be permanently recorded.
Open your registry and find the key below. You may need to create the key if it
does not already exist. Create a new DWORD value, or modify the existing value,
called 'LogEvent' and edit the value according to the settings below.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\
CrashControl]
Value Name: LogEvent
Data Type: REG_DWORD (DWORD Value)
Value Data: (0 = disabled, 1 = enabled)
Exit your registry, you may need to restart or log out of Windows for the change
to take effect.
Create a System Crash Dump File
This setting controls whether Windows creates a dump file of the computer memory
when a system crashes.
Open your registry and find the key below. Change the value of "CrashDumpEnabled"
according to the options in the table below.
0 = None
1 = Complete memory dump
2 = Kernel memory dump
3 = Small memory dump (64KB)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\
CrashControl]
Value Name: CrashDumpEnabled
Data Type: REG_DWORD (DWORD Value)
Restart Windows for the change to take effect.
|
New Command-Line Tools |
The following table lists the new
| Command | Features |
|---|---|
| bootcfg | Configures, queries, or changes Boot.ini file settings. |
| defrag | Locates and consolidates fragmented boot files, data files, and folders on local volumes. |
| diskpart | Manages disks, partitions, or volumes. |
| driverquery | Queries for a list of drivers and driver properties. |
| eventcreate | Enables an administrator to create a custom event in a specified event log. |
| eventquery | Lists the events and event properties from one or more event logs. |
| eventtriggers | Displays and configures event triggers on local or remote machines. |
| fsutil | Manages reparse points, managing sparse files, dismounting a volume, or extending a volume. |
| getmac | Obtains the media access control (MAC) address and list of network protocols |
| helpctr | Starts Help and Support Center. |
| ipseccmd | Configures Internet Protocol Security (IPSec) policies in the directory service, or in a local or remote registry. Ipseccmd is a command-line version of the IP Security Policies Microsoft Management Console (MMC) snap-in. |
| logman | Manages and schedules performance counter and event trace log collections on local and remote systems. |
| openfiles | Queries, displays, or disconnects open files. |
| pagefileconfig | Displays and configures the paging file Virtual Memory settings of a system. |
| perfmon | Enables you to open a Performance console configured with settings files from Windows NT 4.0 version of Performance Monitor. |
| prncnfg | Configures or displays configuration information about a printer. |
| prndrvr | Adds, deletes, and lists printer drivers from local or remote print servers. |
| prnjobs | Pauses, resumes, cancels, and lists print jobs. |
| prnmngr | Adds, deletes, and lists printers or printer connections, in addition to setting and displaying the default printer. |
| prnport | Creates, deletes, and lists standard TCP/IP printer ports, in addition to displaying and changing port configuration. |
| prnqctl | Prints a test page, pauses or resumes a printer, and clears a printer queue. |
| relog | Extracts performance counters from performance counter logs into other formats, such as text-TSV (for tab-delimited text), text-CSV (for comma-delimited text), binary-BIN, or SQL. |
| sc | Retrieves and sets information about services. Tests and debugs service programs. |
| schtasks | Schedules commands and programs to run periodically or at a specific time. Adds and removes tasks from the schedule, starts and stops tasks on demand, and displays and changes scheduled tasks. |
| shutdown | Shuts down or restarts a local or remote computer. |
| systeminfo | Queries the system for basic system configuration information. |
| taskkill | Ends one or more tasks or processes. |
| tasklist | Displays a list of applications, services, and the Process ID (PID) currently running on either a local or a remote computer. |
| tracerpt | Processes event trace logs or real-time data from instrumented event trace providers and allows you to generate trace analysis reports and CSV (comma-delimited) files for the events generated. |
| typeperf | Writes performance counter data to the command window or to a supported log file format. |
| WMIC | Eases the use of Windows Management Instrumentation (WMI) and systems managed through WMI. |
|
Resource Kit & Similar Downloads |
| List Loaded Drivers- Displays Installed Device Drivers | |
| XP Application Compatibility Toolkit - NEW | |
| Registry Tool- Registry Editor and System File Utility | |
| Trace Problems With Your Internet Connection | |
| Microsoft Personal Security Advisor |
XP Support-
01/01/2005 12:43 AM -
Home Page WinXP
© Copyright Kelly Theriot MS-MVP(DTS) 2005. All rights reserved.