Monitoring processes with high CPU usage with the Microsoft ProcDump tool

    • Updated: 15 Dec 2015
    • Product/Version: OfficeScan 10.6; OfficeScan 11.0; ServerProtect for Microsoft Windows/Novell Netware 5.7; ServerProtect for Microsoft Windows/Novell Netware 5.8
    • Platform: Windows 2003 Enterprise; Windows 2003 Standard; Windows 2008 Enterprise; Windows 2008 Standard; Windows 7 32-bit; Windows 7 64-bit; Windows Vista 32-bit; Windows Vista 64-bit; Windows XP Professional

Summary

This article provides an overview of Microsoft's Sysinternals ProcDump tool and shows how to use it to produce memory dumps of applications that exhibit occasional high CPU utilization.

Details

ProcDump is a command-line utility whose primary purpose is monitoring an application for CPU spikes and generating crash dumps during a spike. It also includes hung window monitoring (using the same definition of a window hang that Windows and Task Manager use), unhandled exception monitoring and can generate dumps based on the values of system performance counters.

Here's how to use it:

  1. Download the latest version of ProcDump from the Microsoft Sysinternals site.
  2. Extract the tool (procdump.exe) to a temporary folder such as %systemroot%\temp on the target computer.
  3. Open a command prompt (run as Administrator) and change the directory to where procdump.exe was extracted.
  4. Run the following command:
       procdump -ma someprocess.exe -s 20 -p "\Processor(_Total)\% Processor Time" 80
  5. Click the Agree button when the EULA dialog box shows up.

The switches are defined as follows:

-ma someprocess.exe - means generate a full dump of the someprocess.exe process (ntrtscan.exe, for example)
-s 20 - means 20 seconds before creating the dump
-p "\Processor(_Total)\% Processor Time" 80 - means a threshold of 80% CPU

When the above command is executed, ProcDump monitors someprocess.exe and starts creating the full memory dump only after CPU utilization has stayed at 80% for 20 seconds. The tool terminates itself after creating the process dump file, which is written to the same folder as procdump.exe.
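
The procedure above as a PowerShell script with pre-flight checks, added here as an example and not part of the original article. It assumes PowerShell is available on the target computer and that procdump.exe is in the current folder, and it uses ProcDump's -accepteula switch in place of clicking Agree in step 5.

```powershell
# Added example, not from the article. Run elevated from the folder holding procdump.exe.
# $Target is the article's placeholder; replace it with the process being investigated.
$Target    = 'someprocess.exe'
$Counter   = '\Processor(_Total)\% Processor Time'
$Threshold = 80    # percent, as in the article
$Seconds   = 20    # seconds, as in the article
$ErrorActionPreference = 'Stop'

# Step 3: the prompt must be elevated.
$id        = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($id)
if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    throw 'Not elevated: reopen the prompt with Run as administrator.'
}

# Steps 2-3: procdump.exe must be in the current directory.
$procdump = Join-Path (Get-Location).Path 'procdump.exe'
if (-not (Test-Path $procdump)) { throw "procdump.exe not found in $(Get-Location)" }

# The target must be running, otherwise there is nothing to monitor.
$name  = [IO.Path]::GetFileNameWithoutExtension($Target)
$procs = @(Get-Process -Name $name -ErrorAction SilentlyContinue)
if ($procs.Count -eq 0) { throw "$Target is not running." }
if ($procs.Count -gt 1) {
    $pids = ($procs | ForEach-Object { $_.Id }) -join ', '
    Write-Warning "$($procs.Count) processes are named $Target (PIDs: $pids)."
}

# The counter path must resolve on this machine (counter names are localized).
$now = (Get-Counter -Counter $Counter).CounterSamples[0].CookedValue
Write-Host ("Current value of {0}: {1:N1}" -f $Counter, $now)

# Step 4, with -accepteula so that no EULA dialog blocks an unattended run.
$start = Get-Date
& $procdump -accepteula -ma $Target -s $Seconds -p $Counter $Threshold

# List the dump files written since the command started, with their size.
Get-ChildItem -Path . -Filter *.dmp |
    Where-Object { $_.LastWriteTime -ge $start } |
    Select-Object Name, @{ n = 'SizeMB'; e = { [math]::Round($_.Length / 1MB, 1) } }, LastWriteTime
```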

Reference Microsoft article: ProcDump v7.0

Category: Troubleshoot
Solution Id: 1097179