troushoo

ダンプ採取時に実行中のタスク (プロセス) の状態を表示してくれる、mex のコマンドtasklist

デバッガーエクステンションmex の tasklist コマンドを用いると、ダンプ採取時に実行中であったタスク (プロセス) の状態がわかります。

tasklist コマンドに -a 引数を用いると、詳細なプロセス情報がわかります。(出力されるまで数分程度時間がかかります。)
0: kd> !mex.tasklist -a
PID          Address          Name                                         User     Kernel      Total Ses        VM      Peak  Work Set Awe Size Commit Size  PP Quota NPP Quota Thd !! Rn Ry Bk Lc IO Er Hnd Create Time         User Name                  Command Line                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             Exit Status GDI Handles User Handles
============ ================ ========================================== ====== ========== ========== === ========= ========= ========= ======== =========== ========= ========= === == == == == == == == === =================== ========================== ======================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================== =========== =========== ============
0x0   0n0    fffff8014075b300 Idle                                            0 26m:35.985 26m:35.985   0     64 KB     64 KB     24 KB        0                                   2  .  2  .  .  .  .  .                         WORKGROUP\12R2$                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               0           0            0
0x4   0n4    ffffe001fbcb7500 System                                          0     2s.627     2s.627   0   3.31 MB   7.09 MB    336 KB        0      104 KB                     111  2  .  .  .  .  .  .   0 08/19/2016 02:11 PM WORKGROUP\12R2$                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             103           0            0
0x124 0n292  ffffe001fc4634c0 smss.exe                                     16ms       16ms       32ms   0   4.15 MB  25.32 MB   1.09 MB        0      272 KB  12.13 KB   2.42 KB   2  .  .  .  1  .  .  .   0 08/19/2016 02:11 PM WORKGROUP\12R2$            \SystemRoot\System32\smss.exe                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    103           0            0
0x188 0n392  ffffe001fcbe7640 csrss.exe                                    16ms      110ms      126ms   0  43.71 MB  44.04 MB   3.81 MB        0      1.7 MB 133.73 KB  12.31 KB   9  .  .  .  .  1  .  .   0 08/19/2016 02:11 PM WORKGROUP\12R2$            %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             103           0            0
0x1bc 0n444  ffffe001fcc54080 wininit.exe                                     0       47ms       47ms   0      2 TB      2 TB   3.74 MB        0      792 KB   88.2 KB   7.73 KB   1  .  .  .  .  .  .  .   0 08/19/2016 02:11 PM WORKGROUP\12R2$            wininit.exe                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      103           0            0
0x1c4 0n452  ffffe001fcc53280 csrss.exe                                    16ms       16ms       32ms   1  39.27 MB  42.29 MB   3.61 MB        0     1.34 MB  94.55 KB   8.97 KB   9  .  .  .  .  1  .  .   0 08/19/2016 02:11 PM WORKGROUP\12R2$            %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             103           0            0
0x1e0 0n480  ffffe001fcc46900 winlogon.exe                                    0       47ms       47ms   1      2 TB      2 TB   5.59 MB        0     1.33 MB 104.52 KB   7.22 KB   2  .  .  .  .  .  .  .   0 08/19/2016 02:11 PM WORKGROUP\12R2$            winlogon.exe                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     103           0            0
0x21c 0n540  ffffe001fc43a900 services.exe                                 15ms       63ms       78ms   0      2 TB      2 TB   5.57 MB        0     2.19 MB  79.85 KB   8.81 KB   2  .  .  .  .  .  .  .   0 08/19/2016 02:11 PM WORKGROUP\12R2$            C:\Windows\system32\services.exe                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 103           0            0
0x224 0n548  ffffe001fc4312c0 lsass.exe                                   500ms      157ms      657ms   0      2 TB      2 TB   11.2 MB        0     4.69 MB  96.41 KB     19 KB   6  .  .  .  .  .  .  .   0 08/19/2016 02:11 PM WORKGROUP\12R2$            C:\Windows\system32\lsass.exe                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    103           0            0
0x260 0n608  ffffe001fccbd480 svchost.exe(DcomLaunch)                      78ms       94ms      172ms   0      2 TB      2 TB   9.98 MB        0     3.55 MB 192.96 KB  14.56 KB   9  .  .  .  .  .  .  .   0 08/19/2016 02:12 PM WORKGROUP\12R2$            C:\Windows\system32\svchost.exe -k DcomLaunch                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    103           0            0
0x28c 0n652  ffffe001fc46c480 svchost.exe(RPCSS)                          187ms       79ms      266ms   0      2 TB      2 TB   6.21 MB        0     2.73 MB  66.64 KB  13.64 KB   7  .  .  .  .  .  .  .   0 08/19/2016 02:12 PM WORKGROUP\12R2$            C:\Windows\system32\svchost.exe -k RPCSS                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         103           0            0
0x2e4 0n740  ffffe001fcdf5080 LogonUI.exe                                  31ms       63ms       94ms   1      2 TB      2 TB  25.27 MB        0    12.58 MB 299.45 KB   21.2 KB   7  .  .  .  .  .  .  .   0 08/19/2016 02:12 PM WORKGROUP\12R2$            "LogonUI.exe" /flags:0x0                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         103           0            0
0x2ec 0n748  ffffe001fcdf2600 dwm.exe                                      16ms       32ms       48ms   1      2 TB      2 TB  25.14 MB        0    14.75 MB 163.72 KB  14.22 KB   7  .  .  .  .  .  .  .   0 08/19/2016 02:12 PM Window Manager\DWM-1       "dwm.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        103           0            0
0x340 0n832  ffffe001fd073080 svchost.exe(LocalServiceNetworkRestricted)  249ms      329ms      578ms   0      2 TB      2 TB  20.38 MB        0     16.2 MB 109.57 KB  20.52 KB  14  .  .  .  .  .  .  .   0 08/19/2016 02:12 PM NT AUTHORITY\LOCAL SERVICE C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 103           0            0
0x360 0n864  ffffe001fd063080 svchost.exe(netsvcs)                        501ms      518ms     1s.019   0      2 TB      2 TB  33.57 MB        0    22.24 MB 321.73 KB   58.5 KB  46  .  .  .  .  .  .  .   0 08/19/2016 02:12 PM WORKGROUP\12R2$            C:\Windows\system32\svchost.exe -k netsvcs                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       103           0            0
0x378 0n888  ffffe001fd0946c0 svchost.exe(LocalService)                   219ms      173ms      392ms   0      2 TB      2 TB  14.93 MB        0     6.31 MB 171.23 KB  27.47 KB  18  .  .  .  .  .  .  .   0 08/19/2016 02:12 PM NT AUTHORITY\LOCAL SERVICE C:\Windows\system32\svchost.exe -k LocalService                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  103           0            0
0x3c8 0n968  ffffe001fd02b900 svchost.exe(NetworkService)                 156ms       79ms      235ms   0      2 TB      2 TB  16.64 MB        0     6.87 MB 180.83 KB  29.39 KB  17  .  .  .  .  .  .  .   0 08/19/2016 02:12 PM WORKGROUP\12R2$            C:\Windows\system32\svchost.exe -k NetworkService                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                103           0            0
0x214 0n532  ffffe001fd01f900 svchost.exe(LocalServiceNoNetwork)           46ms       16ms       62ms   0      2 TB      2 TB   12.2 MB        0     9.25 MB  99.49 KB  33.45 KB  16  .  .  .  .  .  .  .   0 08/19/2016 02:12 PM NT AUTHORITY\LOCAL SERVICE C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         103           0            0
0x414 0n1044 ffffe001fd1b8900 spoolsv.exe                                  31ms       94ms      125ms   0      2 TB      2 TB  12.62 MB        0     4.52 MB 191.89 KB  24.16 KB  11  .  .  .  .  .  .  .   0 08/19/2016 02:12 PM WORKGROUP\12R2$            C:\Windows\System32\spoolsv.exe                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  103           0            0
0x434 0n1076 ffffe001fd19e640 svchost.exe(utcsvc)                          47ms       31ms       78ms   0      2 TB      2 TB   7.32 MB        0     2.35 MB 142.34 KB  12.34 KB   8  .  .  .  .  .  .  .   0 08/19/2016 02:12 PM WORKGROUP\12R2$            C:\Windows\System32\svchost.exe -k utcsvc                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        103           0            0
0x454 0n1108 ffffe001fd015900 WaAppAgent.exe                              594ms      126ms      720ms   0 570.37 MB 573.72 MB  47.39 MB        0     41.2 MB 373.59 KB  37.77 KB  12  .  .  .  .  .  .  .   0 08/19/2016 02:12 PM WORKGROUP\12R2$            C:\WindowsAzure\Packages\WaAppAgent.exe                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          103           0            0
0x46c 0n1132 ffffe001fd1e8900 svchost.exe(LocalSystemNetworkRestricted)  1s.892      641ms     2s.533   0      2 TB      2 TB   20.3 MB        0    10.09 MB 176.05 KB  28.67 KB  21  .  .  .  .  .  .  .   0 08/19/2016 02:12 PM WORKGROUP\12R2$            C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  103           0            0
0x48c 0n1164 ffffe001fd207900 WindowsAzureGuestAgent.exe                  828ms      157ms      985ms   0 576.52 MB 581.81 MB  51.96 MB        0    39.67 MB 374.55 KB  43.31 KB  12  .  .  .  .  .  .  .   0 08/19/2016 02:12 PM WORKGROUP\12R2$            "C:\WindowsAzure\Packages\GuestAgent\WindowsAzureGuestAgent.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 103           0            0
0x504 0n1284 ffffe001fd221900 WindowsAzureTelemetryService.exe           1s.422      251ms     1s.673   0 591.27 MB 598.63 MB  56.73 MB        0    47.36 MB 366.52 KB  41.12 KB  12  .  .  .  .  .  .  .   0 08/19/2016 02:12 PM WORKGROUP\12R2$            "C:\WindowsAzure\Packages\Telemetry\WindowsAzureTelemetryService.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            103           0            0
0x6fc 0n1788 ffffe001fd3df080 svchost.exe(termsvcs)                       487ms      330ms      817ms   0      2 TB      2 TB  74.14 MB        0    62.53 MB 255.12 KB  28.47 KB  37  .  .  .  .  .  .  .   0 08/19/2016 02:12 PM WORKGROUP\12R2$            C:\Windows\System32\svchost.exe -k termsvcs                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      103           0            0
0x738 0n1848 ffffe0020541a240 svchost.exe(ICService)                       15ms       47ms       62ms   0      2 TB      2 TB   7.61 MB        0     2.55 MB 100.11 KB  15.16 KB  14  .  .  .  .  .  .  .   0 08/19/2016 02:12 PM WORKGROUP\12R2$            C:\Windows\system32\svchost.exe -k ICService                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     103           0            0
0x7f4 0n2036 ffffe001fd26e900 VSSVC.exe                                       0          0          0   0      2 TB      2 TB    6.1 MB        0     1.42 MB  69.84 KB   9.11 KB   2  .  .  .  .  .  .  .   0 08/19/2016 02:12 PM WORKGROUP\12R2$            C:\Windows\system32\vssvc.exe                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    103           0            0
0x878 0n2168 ffffe001fd3bb900 rundll32.exe                                    0          0          0   0      2 TB      2 TB   6.86 MB        0     2.47 MB 111.07 KB   9.36 KB   3  .  .  .  .  .  .  .   0 08/19/2016 02:12 PM WORKGROUP\12R2$            C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "GAEvents" "0x85c_0x860_0xd2eaaec"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          103           0            0
0x8a4 0n2212 ffffe001fd3bd900 WmiPrvSE.exe                                187ms      219ms      406ms   0      2 TB      2 TB  12.89 MB        0     6.72 MB 106.02 KB  14.03 KB   7  .  .  .  .  .  .  .   0 08/19/2016 02:12 PM WORKGROUP\12R2$            C:\Windows\system32\wbem\wmiprvse.exe\0-secured\0-Embedding                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      103           0            0
0x950 0n2384 ffffe00205620080 DiagnosticsPlugin.exe                      1s.156      204ms     1s.360   0 556.72 MB 559.81 MB  45.78 MB        0     32.7 MB  318.6 KB  37.52 KB  10  .  .  .  1  .  .  .   0 08/19/2016 02:12 PM WORKGROUP\12R2$            "DiagnosticsPlugin.exe" DiagnosticPlugin-ShutdownEvent DiagnosticPlugin-TotalShutdownEvent -wadVer1v7                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            103           0            0
0x958 0n2392 ffffe0020561e900 conhost.exe                                     0       16ms       16ms   0      2 TB      2 TB    2.8 MB        0      620 KB  51.69 KB   4.61 KB   1  .  .  .  .  .  .  .   0 08/19/2016 02:12 PM WORKGROUP\12R2$            \??\C:\Windows\system32\conhost.exe 0x4                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          103           0            0
0x9d4 0n2516 ffffe00205660900 MonAgentHost.exe                                0          0          0   0   30.2 MB   30.8 MB    5.1 MB        0     1.16 MB   72.2 KB   8.23 KB   2  .  .  .  1  .  .  .   0 08/19/2016 02:12 PM WORKGROUP\12R2$            "C:\Packages\Plugins\Microsoft.Azure.Diagnostics.IaaSDiagnostics\1.7.3.0\Monitor\x64\MonAgentHost.exe" -LocalPath "C:\WindowsAzure\Logs\Plugins\Microsoft.Azure.Diagnostics.IaaSDiagnostics\1.7.3.0\WAD0107"  -ConfigFile "C:\WindowsAzure\Logs\Plugins\Microsoft.Azure.Diagnostics.IaaSDiagnostics\1.7.3.0\WAD0107\Configuration\MaConfig.xml" -ShutDownEvent WADDM-ShutDown-0970b086dbe44e928a0119b544f3461e  -TotalShutDownEvent WADDM-TotalShutDown-0970b086dbe44e928a0119b544f3461e -InitializedEvent WADM-StartUp-0970b086dbe44e928a0119b544f3461e -parent 2384 -events -wadVer1v7 -UseProxyServer                                                                                                                                                                                                         103           0            0
0x9dc 0n2524 ffffe0020565d1c0 conhost.exe                                  31ms       32ms       63ms   0      2 TB      2 TB   2.89 MB        0      768 KB  53.44 KB   4.61 KB   1  .  .  .  .  .  .  .   0 08/19/2016 02:12 PM WORKGROUP\12R2$            \??\C:\Windows\system32\conhost.exe 0x4                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          103           0            0
0x9fc 0n2556 ffffe0020564d900 MonAgentManager.exe                          47ms          0       47ms   0  48.59 MB  48.91 MB   7.74 MB        0      2.3 MB  94.07 KB  13.48 KB   5  .  .  .  1  .  .  .   0 08/19/2016 02:12 PM WORKGROUP\12R2$            -serviceShutdown MonAgentShutdownEvent.2516 -parent 2516 -deploymentdir "C:\Packages\Plugins\Microsoft.Azure.Diagnostics.IaaSDiagnostics\1.7.3.0\Monitor\x64" -LocalPath "C:\WindowsAzure\Logs\Plugins\Microsoft.Azure.Diagnostics.IaaSDiagnostics\1.7.3.0\WAD0107" -ConfigFile "C:\WindowsAzure\Logs\Plugins\Microsoft.Azure.Diagnostics.IaaSDiagnostics\1.7.3.0\WAD0107\Configuration\MaConfig.xml" "-ShutDownEvent" "WADDM-ShutDown-0970b086dbe44e928a0119b544f3461e" "-TotalShutDownEvent" "WADDM-TotalShutDown-0970b086dbe44e928a0119b544f3461e" "-InitializedEvent" "WADM-StartUp-0970b086dbe44e928a0119b544f3461e" "-events" "-wadVer1v7" "-UseProxyServer"  -LogPath "C:\WindowsAzure\Logs\Plugins\Microsoft.Azure.Diagnostics.IaaSDiagnostics\1.7.3.0\WAD0107\Configuration\MonAgentHost.2.log"         103           0            0
0xa14 0n2580 ffffe001fd371900 MonAgentCore.exe                           1s.000      439ms     1s.439   0 121.85 MB 129.83 MB  29.89 MB        0    16.85 MB 206.66 KB  40.72 KB  39  .  .  .  .  .  .  .   0 08/19/2016 02:12 PM WORKGROUP\12R2$            -deploymentdir "C:\Packages\Plugins\Microsoft.Azure.Diagnostics.IaaSDiagnostics\1.7.3.0\Monitor\x64" -LocalPath "C:\WindowsAzure\Logs\Plugins\Microsoft.Azure.Diagnostics.IaaSDiagnostics\1.7.3.0\WAD0107"    -InitializedEvent "WADM-StartUp-0970b086dbe44e928a0119b544f3461e" -events -wadVer1v7 -UseProxyServer  -ConfigFile "C:\WindowsAzure\Logs\Plugins\Microsoft.Azure.Diagnostics.IaaSDiagnostics\1.7.3.0\WAD0107\Configuration\MaConfig.xml" -disableupdate -managerver 1  -parent 2556 -ShutDownEvent WADDM-ShutDown-0970b086dbe44e928a0119b544f3461e2516 -TotalShutDownEvent WADDM-TotalShutDown-0970b086dbe44e928a0119b544f3461e2516                                                                                                                                                                 103           0            0
0xa50 0n2640 ffffe00205682180 rundll32.exe                                    0       31ms       31ms   0      2 TB      2 TB   7.07 MB        0     2.67 MB 111.07 KB   9.36 KB   3  .  .  .  .  .  .  .   0 08/19/2016 02:12 PM WORKGROUP\12R2$            C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "RTEvents" "0xa38_0xa3c_0x121ddad7"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         103           0            0
0x7e8 0n2024 ffffe001fd3cf080 msdtc.exe                                    47ms       31ms       78ms   0      2 TB      2 TB   6.84 MB        0     2.16 MB  75.72 KB  11.61 KB   9  .  .  .  1  .  .  .   0 08/19/2016 02:14 PM WORKGROUP\12R2$            C:\Windows\System32\msdtc.exe                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    103           0            0
0x730 0n1840 ffffe0020557b900 WmiPrvSE.exe                                 47ms       16ms       63ms   0      2 TB      2 TB    5.5 MB        0     1.56 MB  59.37 KB   8.17 KB   4  .  .  .  .  .  .  .   0 08/19/2016 02:15 PM WORKGROUP\12R2$            C:\Windows\system32\wbem\wmiprvse.exe\0-Embedding                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                103           0            0
0xbe8 0n3048 ffffe0020671b080 csrss.exe                                   110ms      188ms      298ms   2 193.74 MB 193.74 MB  31.38 MB        0     2.27 MB 412.42 KB  14.62 KB   9  .  .  .  .  1  .  .   0 08/19/2016 02:21 PM WORKGROUP\12R2$            %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             103           0            0
0xb60 0n2912 ffffe0020671a080 winlogon.exe                                    0       32ms       32ms   2      2 TB      2 TB   5.29 MB        0     1.33 MB 100.71 KB   7.72 KB   4  .  .  .  .  .  .  .   0 08/19/2016 02:21 PM WORKGROUP\12R2$            winlogon.exe                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     103           0            0
0x6cc 0n1740 ffffe00206741080 dwm.exe                                      79ms      189ms      268ms   2      2 TB      2 TB   62.4 MB        0    17.35 MB  291.8 KB  20.97 KB  10  .  .  .  .  .  .  .   0 08/19/2016 02:21 PM Window Manager\DWM-2       "dwm.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        103           0            0
0x9e8 0n2536 ffffe002067a0080 taskhostex.exe                               63ms       47ms      110ms   2      2 TB      2 TB  15.11 MB        0      8.3 MB 182.41 KB  36.36 KB   7  .  .  .  .  .  .  .   0 08/19/2016 02:21 PM 12R2\tr                    taskhostex.exe                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   103           0            0
0x934 0n2356 ffffe002067cc900 rdpclip.exe                                  47ms      173ms      220ms   2      2 TB      2 TB   7.41 MB        0     1.92 MB 172.76 KB  12.11 KB  10  .  .  .  .  .  .  .   0 08/19/2016 02:21 PM 12R2\tr                    rdpclip                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          103           0            0
0xaa8 0n2728 ffffe00206743900 explorer.exe                               3s.250     3s.379     6s.629   2      2 TB      2 TB 109.14 MB        0    46.25 MB    1.1 MB 117.39 KB  60  .  .  .  .  .  .  .   0 08/19/2016 02:21 PM 12R2\tr                    C:\Windows\Explorer.EXE                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          103           0            0
0xe58 0n3672 ffffe0020690d900 iexplore.exe                                313ms      407ms      720ms   2      2 TB   2.03 TB   43.5 MB        0     13.6 MB  394.8 KB  44.23 KB  10  .  .  .  .  .  .  .   0 08/19/2016 02:22 PM 12R2\tr                    "C:\Program Files\Internet Explorer\iexplore.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                103           0            0
0xeb8 0n3768 ffffe002069ff900 iexplore.exe*32                            1s.548      439ms     1s.987   2  316.1 MB 394.31 MB  80.04 MB        0     48.6 MB 464.67 KB  63.39 KB  23  .  .  .  .  .  .  .   0 08/19/2016 02:22 PM 12R2\tr                    "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3672 CREDAT:275457 /prefetch:2                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    103           0            0
0xcd0 0n3280 ffffe001fd38e100 msiexec.exe                                2s.390     1s.563     3s.953   0      2 TB      2 TB  15.22 MB        0     8.18 MB 184.09 KB  14.64 KB   6  .  .  .  .  .  .  .   0 08/19/2016 02:23 PM WORKGROUP\12R2$            C:\Windows\system32\msiexec.exe /V                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               103           0            0
0x7ac 0n1964 ffffe0020678d900 windbg.exe                                      0       78ms       78ms   2      2 TB      2 TB  17.39 MB        0     3.33 MB 246.45 KB  13.73 KB   1  .  .  .  .  .  .  .   0 08/19/2016 02:24 PM 12R2\tr                    "C:\Program Files (x86)\Windows Kits\10\Debuggers\x64\windbg.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                103           0            0
0xe54 0n3668 ffffe00206ada400 WmiApSrv.exe                                 16ms          0       16ms   0      2 TB      2 TB   5.37 MB        0     1.22 MB  57.78 KB    8.3 KB   4  .  .  .  .  .  .  .   0 08/19/2016 02:24 PM WORKGROUP\12R2$            C:\Windows\system32\wbem\WmiApSrv.exe                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            103           0            0
0xdd8 0n3544 ffffe00206c4f900 NotMyfault.exe                               16ms       47ms       63ms   2 110.67 MB 131.57 MB   9.34 MB        0     1.72 MB 222.23 KB  10.97 KB   1  .  1  .  .  .  .  .   0 08/19/2016 02:25 PM 12R2\tr                    "C:\Users\tr\Desktop\NotMyFault\x64\NotMyfault.exe"                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              103           0            0
============ ================ ========================================== ====== ========== ========== === ========= ========= ========= ======== =========== ========= ========= === == == == == == == == === =================== ========================== ======================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================== =========== =========== ============
PID          Address          Name                                         User     Kernel      Total Ses        VM      Peak  Work Set Awe Size Commit Size  PP Quota NPP Quota Thd !! Rn Ry Bk Lc IO Er Hnd Create Time         User Name                  Command Line                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             Exit Status GDI Handles User Handles

出力結果はハイバーリンク形式になっているものもあり、リンクをクリックすると、リンクしたものの詳細な情報がわかります。青色で下線がついているものです。
例えば、[Address] の列の一つをクリックしてみます。


すると、プロセスの詳細情報が表示されます。
そして、そこに表示された[!mex.listthreads (!lt) <アドレス>] をクリックしてみます。


すると、そのプロセスのスレッド一覧が表示されます。


このように、mex を用いると、クリックによるダンプ解析も可能になります。


関連記事
一般公開されたWinDBG のデバッガーエクステンション MEX
  1. 2016/08/20(土) 23:14:05|
  2. WinDbg
  3. | トラックバック:0
  4. | コメント:0
<<Linux で、何がファイルを変更したのかを調査する方法 - auditd - | ホーム | Service Profiler:パフォーマンスの監視かつトラブルシューティング用のMS 提供のサービス>>

コメント

コメントの投稿


管理者にだけ表示を許可する

トラックバック

トラックバック URL
http://troushoo.blog.fc2.com/tb.php/303-92eec3f9
この記事にトラックバックする(FC2ブログユーザー)

スポンサーリンク

最新記事

月別アーカイブ

カテゴリ

ツール (92)
ネットワーク (76)
Visual Studio (56)
SOS・Psscor2/Psscor4 (25)
WinDbg (25)
Linux (23)
Azure (17)
Tips (20)
英語 (1)
About Me (1)
未分類 (0)

全記事表示リンク

全ての記事を表示する

検索フォーム

RSSリンクの表示

リンク

このブログをリンクに追加する