The User Mode Process Dumper (userdump) can be used to dump any win32 process running on Windows Operating System for troubleshooting purpose.
To install User Mode Process Dumper follow the steps below:
1. Download User Mode Process Dumper from the following Microsoft link:
2. To install the User Mode Process Dumper, run the UserModeProcessDumper8_1_2929_5.exe package. After you accept the Software License Terms, all necessary files are copied to the C:\kktools\userdump8.1 folder.
3. Go to C:\kktools\userdump8.1\Architecture folder or the folder you specified in the previous step, and run setup.exe.
To use User Mode Process Dumper follow the steps below:
1. Open Process Dumper from Control Panel (FIG 1).
2. Click on New button to add the process to monitor (FIG 2).
3. Add the process name in the "Add Application to Monitor" pop up window (FIG 3).
4. By default the resulting dump file will be saved under C:\Windows folder. To change the output directory click on Default Settings button and change the path (FIG 4).
The dump will be saved in the output directory and the name of the file will be processnamexxx.dmp (e.g. for beremote process the dump file will be beremote123.dmp). Collect the dump file and submit to Symantec Technical Support for further analysis.
For additional information and further options related to Process Dumper refer to following Knowledge Base article from Microsoft: