Cyberiafreak

"Fortunate are those who take the first steps." ― Paulo Coelho

ProcDump is preferred over ADPlus - About ProcDump

There may be many ways to capture dumps in Windows, but which one gives us better dumps? ProcDump has many advantages, captures more detail, and is preferred over ADPlus when you look at the details in WinDbg.

We suggest using ProcDump and carefully selecting the bitness when capturing dumps. For 64-bit use -64, or else leave it blank (the default is 32-bit).

The syntax for a crash goes like this: Procdump -e -ma -t -64 -w Outlook.exe (the ProcDump page has details about these command-line switches).

Let me put it in steps:

1) Before taking the dump, enable page heap corruption checking using the following command: gflags.exe -p /enable outlook.exe /full

2) Now run the ProcDump command to capture the dump, with the bitness set accordingly: Procdump -e -ma -t -64 -w Outlook.exe. Wait for the crash and confirm that the dump has been created successfully.

3) After the crash, reset page heap checking with: gflags.exe -p /disable outlook.exe. You can use the following command line to see whether page heap checking is enabled: gflags.exe -p
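The three steps above as one PowerShell script, so that page heap checking is always disabled again even if the capture fails or is interrupted. This is an added example, not part of the original post; the parameter names, the C:\Dumps output folder, and the assumption that gflags.exe and procdump.exe are on PATH in an elevated prompt are all assumptions.

```powershell
# Added example, not from the original post. Assumptions: elevated prompt,
# gflags.exe and procdump.exe on PATH, C:\Dumps is a constructed output folder.
param(
    [string]$Image   = 'outlook.exe',
    [string]$DumpDir = 'C:\Dumps',
    [switch]$Use64   # add -64 for the 64-bit case, as the post advises
)

New-Item -ItemType Directory -Path $DumpDir -Force | Out-Null
$before = @(Get-ChildItem -Path $DumpDir -Filter '*.dmp' | ForEach-Object FullName)

# Step 1: enable full page heap checking for the image.
& gflags.exe -p /enable $Image /full
if ($LASTEXITCODE -ne 0) { throw "gflags.exe exited with $LASTEXITCODE; page heap not enabled" }

try {
    # Step 2: -w waits for the process to start; ProcDump then blocks until it
    # writes a dump on an unhandled exception (-e) or on process termination (-t).
    $pdArgs = @('-e', '-ma', '-t')
    if ($Use64) { $pdArgs += '-64' }
    $pdArgs += @('-w', $Image, $DumpDir)
    & procdump.exe @pdArgs

    # Confirm the dump was created: compare the folder with the earlier listing.
    $new = @(Get-ChildItem -Path $DumpDir -Filter '*.dmp' |
             Where-Object { $before -notcontains $_.FullName })
    if ($new.Count -eq 0) { Write-Warning "No new dump found in $DumpDir" }
    $new | Select-Object FullName, Length, LastWriteTime
}
finally {
    # Step 3: always reset page heap, even if ProcDump failed or was interrupted.
    & gflags.exe -p /disable $Image
    & gflags.exe -p   # shows whether page heap checking is still enabled
}
```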

For additional information, refer to Dan B's blog post here and a quick video about ProcDump here.


June 6, 2014 | Uncategorized
