Category Archives: WinDbg

Case of the Missing Printer Ports

A Citrix environment had both Windows Server 2008 R2 published desktops and Windows 7 SP1 VDIs. On the Windows 7 VDIs, the Ports tab on printers added via a print server was always empty. We did a quick comparison between … Continue reading

Posted in API Monitor, Citrix, PowerShell, WinDbg | Tagged | Leave a comment

Decompile Compiled VBS EXE with WinDbg

In this case we are looking at a 32-bit EXE with WinDbg (x86) from the Windows SDK. This exact process may or may not work depending on how the script was compiled, but the technique will be similar for many … Continue reading

Posted in Reverse Engineering, WinDbg | Tagged | Leave a comment

Debugging / Viewing Windows Update Log on Windows 10 Insider Builds

Having confirmed with the WinDbg team that Insider builds currently don’t get public symbols unless it is a major release (they are looking into a solution…), how are we going to debug anything on bleeding-edge systems (“Fast Track Updates”) in the … Continue reading

Posted in Fiddler, ProcMon, WinDbg, Windows 10 | Tagged | 5 Comments

Extract Module Info From a DMP File with PowerShell

Modify $cdb to point to CDB.exe from the Windows SDK Debugging Tools. The end of the script contains a usage example… The script can be downloaded here: http://1drv.ms/1MEeIqD Set-StrictMode -Version 2.0 # path to CDB from Windows SDK Debugging Tools $cdb = "C:\Program Files … Continue reading

Posted in PowerShell, WinDbg | Tagged | Leave a comment

Case of the Invoked Hang (.NET)

A .NET application was hanging completely when certain background tasks were occurring. Using ProcDump (http://live.sysinternals.com/Procdump.exe) with the option Procdump -ma <process name>, I captured 3 dump files about 10 seconds apart to identify where the hang was occurring. Opening dmp … Continue reading

Posted in .NET, Debugging, IL, WinDbg | Tagged | 2 Comments

Case of the Skype for Business 2015 “Operating System is not presently configured to run this application”

On Windows 10 build 10162, after installing Office 2016, Skype for Business started throwing the error: The operating system is not presently configured to run this application. Using Task Manager, I right-clicked lync.exe and created a dump file. Opening … Continue reading

Posted in Click2Run, Office, WinDbg, Windows 10 | Tagged | 2 Comments

Experimental Use of 64-bit Dump of 32-bit .NET Process in WinDbg

A .NET dmp file is typically best captured as 32-bit for a 32-bit process. On an x64 system this could be done using the 32-bit Task Manager (C:\windows\syswow64\taskmgr.exe), WinDbg (x86), or a tool like ProcDump (http://live.sysinternals.com/ProcDump.exe). However, what if a 32-bit .NET … Continue reading

Posted in .NET, 64-bit, Patching, WinDbg | Tagged | 3 Comments