Você pode usar a função Out-Minidump para o PowerShell:
Out-Minidump writes a process dump file with all process memory to disk. This is similar to running procdump.exe with the '-ma' switch.
Uso básico:
-
Ative a execução do script do PowerShell por meio do cmdlet Set-ExecutionPolicy . Deve ser
Bypass,UnrestrictedouRemoteSigned. Detalhes :If you (or a helpful admin) runs Set-ExecutionPolicy as administrator, the policy will be set for all users. (I would suggest "remoteSigned" rather than "unrestricted" as a safety measure.)
NB.: On a 64-bit OS you need to run Set-ExecutionPolicy for 32-bit and 64-bit PowerShell separately.
-
Download
Out-Minidump.ps1 -
Desbloqueie-o usando as propriedades de arquivo no Explorer ( maneiras alternativas )
InicieoPowerShellea
Out-Minidump.ps1(note primeiro ponto):
. c:\path\to\Out-Minidump.ps1
- Agora você pode realmente criar o despejo do processo usando esta sintaxe:
Get-Process 'notepad.exe' | Out-Minidump -DumpFilePath C:\temp
- Para obter ajuda, execute este comando:
Get-Help Out-Minidump -Full