martedì 30 agosto 2016

StorDiag.exe: new Windows 10 Storage Diagnostic tool

StorDiag.exe is a new command line drive tool to analyze storage on devices running Windows 10 that Microsoft added silently to the Anniversary Update.
The program is a diagnostic tool that you may use to identify storage related issues. Issues that it may detect including corruption of the NTFS file system.
There is more to the program than that though. You may use it to run a an ETW trace as well, and check the logs, Registry files and event files StorDiag.exe creates when it is done with the processing.
The application runs several tools in the background for that, including CheckDisk, fsutil and fltmc.

Using StorDiag.exe

The application can only be run from an elevated command prompt. Since it is only available in Windows 10's Anniversary Edition, instructions are only provided for this particular version of Windows.

Step 1: Open an elevated command prompt

administrator command prompt
First thing you need to do is open an elevated command prompt.
  1. Tap on the Windows-key, type cmd.exe, hold down the Ctrl and Shift keys, and hammer on the Return key.
  2. Confirm the UAC prompt that is displayed afterwards.
  3. The elevated command prompt window should open. If it reads Administrator in the title, all is well.

Step 2: The command

stordiag.exe commands
The program supports three parameters that you can run it with. You may run stordiag.exe /? first to display them on the screen.
StorDiag [-collectEtw] [-out <PATH>]
-collectEtw           Collect a 30-second long ETW trace if run from an elevated session
-checkFSConsistency   Checks for the consistency of the NTFS file system
-out <PATH>           Specify the output path. If not specified, logs are saved to %TEMP%\StorDiag

Step 3: Running storage diagnostics

You may run the application with all commands, or only some of them.
If you want to run them all, use the following command to do so:
stordiag.exe -collectEtw -checkFSConsistency -out c:\users\martin\desktop
Note: You need to change "martin" in the out path to the username on your system. You may also leave the -out path part. If you do, all logs are saved to a StorDiag folder on the system's temp folder. Simply copy and paste %TEMP%\StorDiag in the Explorer address bar and the location should open.
The processing takes a couple of minutes tops. It depends largely on the number of storage devices connected to the Windows 10 machine at the time.
The program will check all drives for corruption using CheckDisk, and will collect a 30 second ETW trace. It runs several tools in the background and logs their output.
You find the massive list of log files and event files in the -out directory afterwards.
ChkDsk C.txt
ChkDsk O.txt
ChkDsk P.txt
ChkDsk S.txt
ChkDsk T.txt
<DIR> LocaleMetaData
Volume C Corruption.txt
Volume O Corruption.txt
Volume P Corruption.txt
Volume S Corruption.txt
Volume T Corruption.txt
The CheckDisk information about each drive and potential corruption are probably most useful to users of the operating system.
System administrators find lots of information in the other files that they may use to analyze storage related issues.
StorDiag.exe does not resolve any of the issues that it may report. It is up to you or the system administrator to correct those.
Ghacks needs you. You can find out how to support us here or support the site directly by becoming a Patreon. Thank you for being a Ghacks reader.
The post StorDiag.exe: new Windows 10 Storage Diagnostic tool appeared first on gHacks Technology News.

via gHacks technology news Sicurezza e privacy sotto esame , un sito web che offre una serie di strumenti gratuiti per testare la sicurezza e la privacy del vostro browser. Funziona...