Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

How To Use Task Manager to Create a Dump File of a Running Process

How To Use Task Manager to Create a Dump File of a Running Process

Environment

  • Microsoft Windows: Windows Vista and higher
  • Microsoft Windows: Server 2008 and higher

Objective

Create a memory dump of a running process using Task Manager

Resolution

  1. Open Windows Task Manager
    • If the application in question is 32-bit, open taskmgr.exe from the directory C:\Windows\SysWOW64
  2. Select the Processes tab
  3. Right-click the desired process
  4. Select Create Dump File
  5. Wait until a notification is presented for successful creation of the dump file
  6. A dialogue will appear with the location of the saved dump file
  7. After the file is created, go to the folder specified in the Dumping Process dialog in Windows Explorer to access the dump (.dmp) file
  8. Please compress the .dmp file and follow this to send it to support if needed 

Additional Notes

When uploading these files, please verify the time they were gathered and note the Sensor status in case Support has questions about if it was in Bypass or normal operation mode.

Related Content


Was this article helpful? Yes No
100% helpful (2/2)
Article Information
Author:
Creation Date:
‎09-09-2020
Views:
17972
Contributors