Page 1 of 1

Dumping processes without breaking them

PostPosted: Sat Oct 28, 2006 7:40 pm
by VDO
Code: Select all
ntsd -pvr -p <PID> -c “.dump /ma /u process.dmp; q”


Blog: http://www.dumpanalysis.org/blog/index. ... king-them/

Re: Dumping processes without breaking them

PostPosted: Mon Jun 14, 2010 4:53 am
by sainath22
Hi Dimitry,

I have tested the below command , and also along with the cdb

So the 'r' switch for windbg wont work .

-pvr is a good option under noninvasive and provides the following advantages

a) perform debugging on running applicaitons

b) you can still use
x < your exe > ! <your function> to know the function address ( not the return address )

Question
=======
I understand we cannot use "breakin or go commands "under the noninvasive, but if we add those functionality , does non invasive be similar to live debugging a process ?