Fastdump is the industry's most forensically sound windows memory dumping utility. It has a memory footprint that is far less than other tools such as Helix/DD. It also has minimal linking to other DLL's on the system. All required code is statically linked so no external links are loaded (save NTDLL, which cannot be avoided in this case). The final executable size is only 80K.

FD is very simple to use. Use a USB stick or other means to make FD available to a command prompt on the target windows system. Type FD where filename is the dump file and FD takes a snapshot of physical RAM. This file will be a binary dump of RAM. Of course the size of the file will depend on the amount of RAM present in the target machine. FD is optimized to work with USB transfers so it should perform well even when dumping to a USB drive.

HBGary has released FD for free for the incident response and forensics community.

FastDump - A Memory Preservation Tool ONLY