Memory Dump Analysis Anthology, Volume 7 by Dmitry Vostokov


Problem Module

Sometimes this pattern can help in troubleshooting. Problem modules (including process names) are components that, because of their value-adding behavior, might break normal software behavior and therefore require troubleshooting workarounds ranging from minor configuration changes to their complete removal. Typical examples include memory optimization services [7] for terminal services environments or hooksware [8]. We can see main process modules in the output of the !vm or !process 0 0 WinDbg commands. The lm command lists module names such as DLLs from a process memory dump, the lmk command can give us the list of kernel space modules (for example, drivers) from kernel and complete memory dumps, and the following command lists all user space modules ...
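As an added example (not code from the book, and not the command the truncated sentence above refers to), this Python sketch triages saved lm output against a watch list of suspected problem modules. The sample output and the watch-list names hookdll and memopt are constructed placeholders, and the sketch assumes the usual "start end module name" row layout.

```python
import re

# One module row of WinDbg `lm` output: start address, end address, module name.
# 64-bit addresses are printed with a backtick (00007ffb`4e110000).
ROW = re.compile(r"^([0-9a-fA-F`]{8,17})\s+([0-9a-fA-F`]{8,17})\s+(\S+)")

# Constructed sample of `lm` output; module names are placeholders.
SAMPLE_LM = """\
start             end                 module name
00007ff6`1c2a0000 00007ff6`1c2e8000   app        (deferred)
00007ffb`4e110000 00007ffb`4e13a000   HookDll    (deferred)
00007ffb`52f40000 00007ffb`53138000   ntdll      (pdb symbols)

Unloaded modules:
00007ffb`4d000000 00007ffb`4d021000   memopt.dll
"""

def normalize(name):
    """Lower-case a module name and drop a trailing image extension."""
    return re.sub(r"\.(dll|sys|exe)$", "", name.lower())

def parse_lm(text):
    """Return a list of (name, state, start) for every module row."""
    modules, state = [], "loaded"
    for line in text.splitlines():
        line = line.strip()
        if line.lower().startswith("unloaded modules"):
            state = "unloaded"  # rows after this header are no longer mapped
            continue
        m = ROW.match(line)
        if not m:
            continue  # column header, blank line, or other debugger text
        start = int(m.group(1).replace("`", ""), 16)
        modules.append((normalize(m.group(3)), state, start))
    return modules

def find_problem_modules(text, watchlist):
    """Return the parsed rows whose module name is on the watch list."""
    wanted = {normalize(w) for w in watchlist}
    return [row for row in parse_lm(text) if row[0] in wanted]

if __name__ == "__main__":
    # Watch-list entries are hypothetical names, not real products.
    for name, state, start in find_problem_modules(SAMPLE_LM, ["hookdll", "memopt"]):
        print(f"{name:10} {state:9} {start:#018x}")
```

Unloaded modules are reported too, since a component that has already unloaded can still have left hooks or altered state behind.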
