Wednesday, October 11, 2006

PTFinder Front End

Andreas posted this on his blog, and I took a look at it...very cool. This is a front-end for running PTFinder, and even allows you to choose which operating system you want to run it against. This makes things a little easier to use.

If you have a RAM dump and don't remember which OS it is, as long as it's between Win2k and Win2K3SP1, you can use my OS detection script.

The neat thing is that you can get output that looks like this. Very cool!

3 comments:

Anonymous said...

Hi

I have a ram dump from WIN2K (ram.dd) and i have installed PTfinderFE, activeperl and Graphviz on WIN2K as well. I want to make the GUI that shows the processes (parent-child relationships) on Grpahviz using PTFinderFE, but it only makes a TempOS.bat file and gives error 62. what should I do to make it work. please please please help me.

Zara

Anonymous said...

Hi

I have a ram dump from WIN2K (ram.dd) and i have installed PTfinderFE, activeperl and Graphviz on WIN2K as well. I want to make the GUI that shows the processes (parent-child relationships) on Grpahviz using PTFinderFE, but it only makes a TempOS.bat file and gives error 62. what should I do to make it work. please please please help me.

Zara

Keydet89 said...

Have you tried contacting the author of the PTFinderFE? Have you tried running my Perl scripts for Win2k memory dumps?