One step further: On my machine, the pool tagged "Thre" grows about 1MB/day. Searching for "Thre" with findstr returns about every *.sys file on my harddisk. Any ideas how I could reduce the number of possible culprits?
Asked
Active
Viewed 2,439 times
0
Aaron Digulla
- 954
- 1
- 13
- 24
1 Answers
1
You should try downloading the Debugging Tools for Windows. It includes a pooltag.txt that includes the common tags and what they represent. In your case:
Thre - nt!ps - Thread objects
Also, the newer versions of poolmon (e.g. http://www.microsoft.com/downloads/details.aspx?FamilyID=2105564e-1a9a-4bf4-8d74-ec5b52da3d00&displaylang=en) apparently have a "/c" parameter that will show this information within poolmon itself (http://msdn.microsoft.com/en-us/library/ms792885.aspx#a0735340-c309-44d2-9e42-0d018029ad54)
Mark Sowul
- 1,809
- 1
- 11
- 14