的唯一安全的方法来做到这一点是造成蓝屏，并有Windows获得转储本身。造成蓝屏发生过 KeBugCheckEx 内核功能，你需要一个定制的设备驱动程序以编程方式调用它。或者你也可以使用 CrashOnCtrlScroll 注册表伎俩和触发它自己。

The only safe way to do it is to cause a bluescreen and have Windows get the dump itself. Causing a bluescreen happens through KeBugCheckEx kernel function and you need a custom-built device driver to call it programmatically. Or you can use CrashOnCtrlScroll registry trick and trigger it yourself.

或者你也可以使用两台电脑连接的内核调试器系统，并触发使用的 .crash 的调试器命令。

Or you can connect a kernel debugger to the system using two computers and trigger a memory dump using .crash debugger command.

有像LiveKD方法Sysinternals公司做局部检查内核在同一台计算机上，但他们不是准确，因为内存不断变化。这是不可能使用这些方法来获得一个健康的转储。

There are methods like LiveKD from SysInternals to do partial kernel inspection on the same computer but they are not "accurate" because memory changes continuously. It's impossible to get a healthy dump using those methods.

做所有这些使用C＃是没有意义的。

Doing all these using C# is, pointless.