Process Monitor for broken programs
Many windows admin guys use Process Monitor or Filemon and Regmon. It is like ford vs old ford at my old job. Some guys can’t deal with building filters and like getting less data while using filemon and regmon. Some of them also can’t deal with anything that doesn’t have a carburetor or a “Sun” sticker on the front.
ANYHOW, Process Monitor is the best tool ever for windows admins when a program doesn’t work. I’ve used this a lot to help people find file permission errors, help vendors find faulty modules of their programs etc. So here is an example… Custom program for a distribution company I support on the side. It sends data from a form off to a fax program sitting on a server. The tech support guy wants to log in to the domain controller for some reason instead of telling me what to change there. I told him I thought it looked like some client permission problems. He was trying to shotgun it bad by giving the users group Domain Admin permissions. For some reason I said no. Here comes Filemon for that one. I start up the distribution program, hit control E on filemon, run the fax button, hit control E to stop. And viola! That tells me there are all sorts of write operations failing to c:\users\blahblah. So I change those around on the client machine instead of adding all users to Domain admin as tech support guy had suggested.
Another example – Autodesk used to have all their apps set up to run as Admin or Power user. I couldn’t give smarty smart little engineering students power user. So I used to run filemon and regmon to track down every little access in autocad and viz and land desktop etc. I had all Autodesk apps running as a user across about 500 machines. Pretty fun when the Autodesk rep came for a demo day. They thought I had magic powers thanks to filemon and regmon.
This sort of thing comes up all the time. Today I was trying to help the good people at Curse gaming. I ran this trace and figured out they are having some sort of strange problem with “Fast IO disallowed” Now I get to learn about that and help them fix it. 🙂