Entries:
Comments:
Posts:

Loading User Information from Channel 9

Something went wrong getting user information from Channel 9

Latest Achievement:

Loading User Information from MSDN

Something went wrong getting user information from MSDN

Visual Studio Achievements

Latest Achievement:

Loading Visual Studio Achievements

Something went wrong getting the Visual Studio Achievements

Defrag Tools: #9 - ProcDump

Download

Right click “Save as…”

In this 3 part episode of Defrag Tools, Andrew Richards and Larry Larsen walk you through Sysinternals ProcDump. ProcDump allows you to capture the memory of a process running on the computer. The dump file can be of varying size and can be taken with varying outage durations. Dumps can be triggered immediately or can be triggered by a variety of events including CPU utilization, Memory utilization, a Performance Counter, a Hung Window and/or Native/Managed exceptions.

Part 1 (this week) covers what the tool captures and the outage durations that can be expected.
Part 2 goes through the wide variety of triggering options; in particular 1st and 2nd chance exceptions.
Part 3 goes through Windows 8 Modern Application support and Process Monitor logging support.

Resources:
Sysinternals ProcDump
Sysinternals VMMap

Timeline:
[01:15] - Download latest version - www.sysinternals.com
[02:23] - ProcDump v5 features
[03:52] - Task Manager, Process Explorer vs. ProcDump
[05:32] - Dump architecture (x86 vs. x64) needs to match the target
[08:02] - Mini, Full (-ma), MiniPlus (-mp) and Custom (-d) dumps
[13:45] - WinDbg - rely on Mapped Memory Image File
[16:54] - ProcDump Custom Dump Support (-d <dll>) - [MSDN Magazine]
[18:34] - Detach at Shutdown, Logoff, Console Close, Ctrl-C, Ctrl-Break
[19:15] - Process Reflection (-r)
[21:44] - Episode review and required permissions
[23:03] - Next episode, triggering...

[Edit: 28th Aug 2013 - Process Explorer 5.13 captures the correct bitness]

Tags:

Follow the Discussion

Remove this comment

Remove this thread

close

Comments Closed

Comments have been closed since this content was published more than 30 days ago, but if you'd like to continue the conversation, please create a new thread in our Forums,
or Contact Us and let us know.