The steps in this article will capture a memory dump from a VMware virtual machine without stopping its execution. This is useful in cases where forcing a crash or changing the Windows dump parameters is not permitted.

1. When the VM hangs, crashes, or otherwise displays symptoms, go into the VMware vCenter, Workstation, or Fusion interface and take a snapshot of the VM. Optionally, suspend the VM.
2. Browse to the file location where the VM is located. This may vary depending on the VMware product in use. For example, within vCenter, right click the virtual machine and browsing the datastore where the VM is located.
3. Locate the folder with the same name as the VM.
4. Inside the folder, locate the snapshot files. There will be a snapshot (.vmsn) or suspend file (.vmss) in the virtual machine directory, and a non‐monolithic memory (.vmem) file, all with the same base name e.g. servername-Snapshot3 with different suffixes (.vmsn, .vmss, and/or .vmem). If there are different snapshots, e.g. servername-Snapshot1, 2, 3, etc then locate the correct files for the recent snapshot or suspension by examining time/date stamps.
5. Save a copy of all files that are present (.vmsn, .vmss, and .vmem) for the snapshot. In vCenter, right click on the files and choose download and save them to the local machine. Zip them up and send them to the Technical Support Vendor which requested the core dump. 
   
   The following steps are informational only -- it is not necessary to perform them as Technical Support can convert the snapshot files themselves.
    
6. Copy the vmss2core.exe utility to the same location as the snapshot files.
   
   
7. Open a command line and navigate to the location of the snapshot files and execute the following command:
   
   If snapshot is from a VM where guest OS is Windows 8/Server 2012 or later: (Please note to use the names of the files that downloaded as these are just examples)
   vmss2core.exe -W8 snapshot.vmsn snapshot.vmem
   
   If snapshot is from a VM where guest OS is older Windows:
   vmss2core.exe -W snapshot.vmsn snapshot.vmem
   
   If snapshot is from a VM where guest OS is Linux:
   vmss2core.exe -N snapshot.vmsn snapshot.vmem

Note: .vmsn may be .vmss, and the .vmem file may not be present or necessary.

Successful output should be a "memory.dmp" (or "vmss.core" in case of Linux)

Note: The vmss2core tool cannot convert .vmss or .vmsn files for Windows VMs that have Hyper-V enabled. 

To verify if Hyper-V is enabled for a VM, open the .vmx configuration file and check for the line:

• vhv.enable = "TRUE"

If this setting is present and set to "TRUE," Hyper-V is enabled, which blocks vmss2core from converting the .vmss file into a memory dump.