Note: this content originally from http://mygreenpaste.blogspot.com. If you are reading it from some other site, please take the time to visit My Green Paste, Inc. Thank you.

A recent topic in the Development forum at Sysinternals Forums contains some information about how to use Visual C++ 2008 to create binaries that run on Windows 9x and NT. For NT, it seems to just be a matter of changing the Subsystem Version to 4.0. One might think to use the /SUBSYSTEM linker switch for this. However, when one attempts to do so, the shipping link.exe reports:

LINK : warning LNK4010: invalid subsystem version number x.y; default subsystem version assumed

In this case, the default subsystem version is 5.0, and NT needs 4.0. One can use an older copy of EditBin.exe to change this (I found the version that shipped with Visual Studio .NET 2003 to work):

editbin /SUBSYSTEM:CONSOLE,4.0 c:\path\to\your.exe

The same requirement also exists to get the executable to run on Windows 9x, but one needs to do a bit more work.

Louis Solomon has taken the time and

This isn’t what I want to be writing about. But a recent discovery compels me to do so. So, I’ve decided to make this an experiment, and beg your apologies that this will not have much technical merit despite the title.

After the last post, Set the Priority of a Process By Name Automatically, in Vista (which probably could have been named a lot better), I discovered that the post had made its way to some other sites. These sites appear to pull content from all over the web, package it up as their own, and toss ads all over it. One is lucky if the site even references the original author or links back to the original location of the post. It’s frustrating, to say the least. I’m all for distribution of knowledge and the like, but that’s taking it too far. Maybe I shouldn’t feel this way, but I (like others) put brain sweat and time into the work I do, and it would be nice if the source of the information would at least be cited if they’re going to republish it without the author’s consent.

So I visited two of these sites (which I have

…

The other day I was playing around with the Image File Execution Options and Sysinternals’ Process Monitor, in Vista. I saw an interesting query take place. Using notepad.exe as an example, I saw a query for a key called “PerfOptions” in [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\notepad.exe] when I ran notepad. The result was NAME NOT FOUND, so I decided to rectify that. After adding a key named “PerfOptions”, I ran notepad again. In Process Monitor, I saw queries for four values:

• IoPriority
• PagePriority
• CpuPriorityClass
• WorkingSetLimitInKB

Because of recent explorations with process priorities*, CpuPriorityClass grabbed me right away. Looking at the SetPriorityClass function, one can see the different values for the dwPriorityClass parameter. I created a REG_DWORD named CpuPriorityClass in PerfOptions, and set the value to 0×80 in the hopes that notepad would launch with “HIGH_PRIORITY_CLASS”. Instead, it launched with a priority of NORMAL_PRIORITY_CLASS (8) - the setting had not made any impact. Then, I set the value to 8 and launched notepad. Notepad launched with a priority of 8. I changed the value to 4, and that had no impact. I changed the value to 0 - no impact. I tried 10 - no impact. I couldn’t see any

…

Every once in a while you notice that your hard drive is working extra hard for what seems like no reason. A background process has taken your hard drive hostage, forcing it to thrash loudly as it struggles to keep up with the high rate of reads and writes. Your computer responds slowly as the process overloads the physical limitations of your drive. What are you to do?

The solution is simple, although a little tricky at times: identify and stop the process that is killing your drive. There are two methods and tools that you can use to identify the process. (more…)

computer, disk operations, download process explorer, down arrow, Drivers, explorer 2, Hardware, hard drive, hostage, menubar, performance tab, processes, reliability, responds, struggles, sysinternals

Previously (Part 1: Introduction - What’s using my CPU?), I kicked off what I expect to be a multi-part series on determining what is causing excessive CPU consumption, outside of the normal “which process has the highest value in the CPU column in Task Manager”.

Before I get into things, a little bit of background may prove useful or mildly entertaining. Over on “Sysinternals Forums”, there were recently two similar problems that both involved excessive CPU utilization that was not attributable to a specific process. I became involved in both problems and attempted to use similar techniques to get additional information with the hopes of ultimately being able to pinpoint the problem. What may make this mildly entertaining is that in both cases, there was limited or no success in detetmining the cause of or solution to the problem. In the end, one problem was resolved by disabling the floppy disk controller, and the other problem appears to be as of yet unresolved. (In the latter case, the poster did admit that the system was experiencing hardware problems - the chipset fan was dying and there…

Recently, I have been involved in attempting to diagnose problems with excessive CPU utilization. Often times, this type of thing is relatively easy to identify - at least as far as pointing the finger at the thing that is consuming CPU cycles. Task Manager can be used for this - simply sort the “CPU” column in descending order and note the process that is at the top of the list. One can use a similar technique with Process Explorer.

In the past (here and here), I’ve given examples that demonstrate various techniques that can be used to try to determine what a process is doing when it is consuming so much CPU. Sometimes, you can do something about it - if you have the debugging symbols, perhaps there is something in the stack of the thread or threads in the process that is consuming the CPU that will lead you to some setting, feature, or configuration piece that can be manipulated so as to avoid the problem. Or perhaps just knowing the module name is enough information to identify the problem software - a recently installed add-in / plug-in, or a new utility,…