Reputation: 11037
how to get full memory dump of RAM using c#
How to get Complete Memory Dump using C#.NET?
Upvotes: 3
Views: 2587
Answers (2)
Reputation: 47680
The only safe way to do it is to cause a bluescreen and have Windows get the dump itself. Causing a bluescreen happens through KeBugCheckEx kernel function and you need a custom-built device driver to call it programmatically. Or you can use CrashOnCtrlScroll registry trick and trigger it yourself.
Or you can connect a kernel debugger to the system using two computers and trigger a memory dump using .crash debugger command.
There are methods like LiveKD from SysInternals to do partial kernel inspection on the same computer but they are not "accurate" because memory changes continuously. It's impossible to get a healthy dump using those methods.
Doing all these using C# is, pointless.
Upvotes: 3
Reputation: 4287
With MiniDumpWriteDump you can get a full process dump by specifying DumpType as MiniDumpWithFullMemory.
You might try to get this for all processes in the system by getting a list of process handles and iterating over that with MiniDumpWriteDump. I do not know if you will have security related issues.
As for getting a kernel memory dump from a user mode process, as far as I know, this should not be possible.
Upvotes: 0
Related Questions
- How to generate a memory heap dump from a running C# mono application?
- Get total installed RAM in C# on Windows 10
- Get Available Free RAM Memory C#
- Taking memory dump using C#
- How to get total system RAM in .NET Standard 2.0?
- Get real process RAM usage
- How to dump memory in windows 2008 64bit server?
- need to see how much physical memory is available to current process
- How to grab a full memory dump of a large memory usage
- How to make a memory dump in .net?