In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen continue looking at the Debugging Tools for Windows (in particular WinDbg). WinDbg is a debugger that supports user mode debugging of a process, or kernel mode debugging of a computer. This installment goes over the commands used to show the memory used in a kernel mode debug session. We cover these commands: !vm !vm 1 !memusage 8 !poolused 2 !poolused 4 !poolfind <tag> !pool <addr> !pool <addr> 2 !pte Make sure you watch Defrag Tools Episode #1 for instructions on how to get the Debugging Tools for Windows and how to set the required environment variables for symbols and source code resolution.