Defrag Tools: #11 - ProcDump - Windows 8 & Process Monitor

In this three-part episode of Defrag Tools, Andrew Richards and Larry Larsen walk you through Sysinternals ProcDump. ProcDump allows you to capture the memory of a process running on the computer. The dump file can be of varying size and can be taken with varying outage durations. Dumps can be triggered immediately or by a variety of events, including CPU utilization, memory utilization, a performance counter, a hung window, and/or native/managed exceptions.

Part 1 covers what the tool captures and the outage durations that can be expected.
Part 2 goes through the wide variety of triggering options, in particular first- and second-chance exceptions.
Part 3 (this week) goes through Windows 8 Modern Application support and Process Monitor logging support.

Sysinternals ProcDump

[00:00] - Overview of Windows 8 Modern Applications
[01:09] - ProcDump v5.0 vs. PLMDebug
[01:38] - Registry - Package and Application Names (AppUserModelId)
[02:00] - Activation and Monitoring (-x <folder> <appusermodelid>)
[04:42] - User created ProcDump
[05:21] - Registry changes - DebugInformation
[05:40] - PLM created ProcDump
[06:53] - Process Monitor - Debug Output Profile events
[09:50] - PLM behaviour for Attach vs. Launch
[11:17] - And that's it for ProcDump!


