
How to create a Complete Memory Dump with LiveKd.exe without crashing the Server

by Cengiz Kuskaya

Tutorial

There can be situations where we don’t want to crash the server to get a Complete Memory Dump. To create a Complete Memory Dump without crashing the server, we can use LiveKd.exe, which was developed by Microsoft’s CTO Mark Russinovich. First of all, we have to install the appropriate version of Debugging Tools for Windows. WinDbg is included in both the Windows Driver Kit (WDK) and the Software Development Kit (SDK).

Steps:

1. Download and install “Debugging Tools for Windows”.
https://docs.microsoft.com/en-us/windows-hardware/drivers/download-the-wdk

2. Afterwards, download LiveKd.exe and copy it to “C:\Program Files\Debugging Tools for Windows (x86)”.

Download LiveKd v5.3
http://technet.microsoft.com/en-us/sysinternals/bb897415.aspx

3. Open a CMD window and follow the steps below:

3.1. Navigate to C:\Program Files\Debugging Tools for Windows (x86).
3.2. Type the following commands without quotation marks.
Type -> "livekd.exe"
Type -> "Yes"
Press -> "Enter"
3.3. To create a Complete Memory Dump which includes both User Mode Address Space and Kernel Mode Address Space, type -> ".dump -f D:\CompleteMemory.dmp" without quotation marks.
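
The following PowerShell script is an added example, not part of the original tutorial: it checks the prerequisites for the steps above before LiveKd is started, and afterwards restricts access to the dump (which holds the full contents of memory) and records its hash. The paths are the ones used in this tutorial; the function names are hypothetical, and the rule that the target drive needs about as much free space as installed RAM is an assumption.

```powershell
# Added example: pre-flight and post-capture checks around the LiveKd steps.
# Paths come from the tutorial; function names are hypothetical.
$DbgDir   = 'C:\Program Files\Debugging Tools for Windows (x86)'
$DumpPath = 'D:\CompleteMemory.dmp'

function Test-DumpPrerequisites {
    param([string]$DebuggerDir, [string]$Dump)
    $problems = @()

    # LiveKd needs an elevated session.
    $id = [Security.Principal.WindowsIdentity]::GetCurrent()
    $admin = ([Security.Principal.WindowsPrincipal]$id).IsInRole(
        [Security.Principal.WindowsBuiltInRole]::Administrator)
    if (-not $admin) { $problems += 'Session is not elevated.' }

    # livekd.exe must sit next to the debugger and carry a valid signature.
    $livekd = Join-Path $DebuggerDir 'livekd.exe'
    if (-not (Test-Path $livekd)) {
        $problems += "livekd.exe not found in $DebuggerDir."
    } elseif ((Get-AuthenticodeSignature $livekd).Status -ne 'Valid') {
        $problems += 'livekd.exe does not have a valid Authenticode signature.'
    }

    # Assumption: a complete dump needs about as much free space as physical RAM.
    $ram   = (Get-CimInstance Win32_ComputerSystem).TotalPhysicalMemory
    $drive = Split-Path $Dump -Qualifier
    $disk  = Get-CimInstance Win32_LogicalDisk -Filter "DeviceID='$drive'"
    if (-not $disk) { $problems += "Drive $drive not found." }
    elseif ($disk.FreeSpace -lt $ram) {
        $problems += ('Free space on {0} ({1:N1} GB) is below RAM size ({2:N1} GB).' -f
            $drive, ($disk.FreeSpace / 1GB), ($ram / 1GB))
    }
    return $problems
}

function Protect-DumpFile {
    param([string]$Dump)
    # Drop inherited ACEs and allow only local Administrators (SID S-1-5-32-544).
    icacls $Dump /inheritance:r /grant:r '*S-1-5-32-544:(F)' | Out-Null
    # Record a SHA-256 so later copies can be checked against the original.
    Get-FileHash -Path $Dump -Algorithm SHA256
}

$issues = Test-DumpPrerequisites -DebuggerDir $DbgDir -Dump $DumpPath
if ($issues) { $issues | ForEach-Object { Write-Warning $_ } }
else { Write-Host 'Ready: run livekd.exe and .dump -f as described above.' }
# After the dump has been written:
# Protect-DumpFile -Dump $DumpPath
```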

Good luck !