How to read dump (.dmp) files

Author: Monica Porter
Date Of Creation: 16 March 2021
Update Date: 1 July 2024
Anonim
How to Check Windows Crash Dumps BSOD
Video: How to Check Windows Crash Dumps BSOD

Content

When a Windows application crashes or suddenly stops working, a "crash dump file" is created to store current information just before the problem occurs. You can fix the cause of the error when reading the memory dump file. You can use the free "BlueScreenView" utility to quickly detect errors, or use the Windows Debugger tool to find out detailed information.

Steps

Method 1 of 2: Use BlueScreenView

  1. Use BlueScreenView if you just need to find out what's causing the error. Most users only need the dump file to determine the cause of application downtime or blue screen problem. BlueScreenView is a free utility from NirSoft that analyzes the dump file and determines which driver or factor is causing the error.
    • Files created in the event of a system failure are called "minidumps."


  2. Download BlueScreenView. You can download BlueScreenView directly from NirSoft at the address.
    • You can download the separate program in ZIP format. You can launch the program without having to install it. After downloading the ZIP file, right-click and select "Extract" to create a new folder containing the BlueScreenView program.


  3. Start BlueScreenView. After extracting the BlueScreenView from the ZIP file, launch the program in the folder. You are asked by Windows to continue.

  4. Find the dump file you want to analyze. When a computer error occurs, a "minidump" file will be created in the Windows directory. These files have the extension.dmp, BlueScreenView can read and analyze the situation for you. You can find the Minidump file at. If you do not see the file, you need to make adjustments to show hidden files:
    • In Windows 10 and 8, click the "View" tab in Windows Explorer and check the "Hidden items" dialog box.
    • On Windows 7 and earlier, open Folder Options in Control Panel, click the "View" tab, then select "Show hidden files, folders, and drives". show hidden files, folders and drives).


  5. Drag files .dmp to the BlueScreenView window. The fastest way to open the .mp file is to drag the file onto the window. The file has not been moved from its original location. The lower part of the BlueScreenView window will display the data after dragging the file into the program window.

  6. Look for the "Caused By Driver" column in the first item. You may have to scroll down to find this column. This column shows the driver that caused the system error.
    • You can find the problematic driver highlighted in red in the lower part of the window. Double click on the highlighted category to see details: product name, description, link.

  7. Use this information to fix the problem. Now that you know which driver is the cause of the problem, you can proceed to fix it. Do a search online for "driver name Have a problem "to see the experiences of people who have encountered the same problem as you

Method 2 of 2: Using WinDBG

  1. Use this method for further analysis. Most people do not need to use Windows Debugger to open the MEMORY.DMP file to locate the faulty code in memory when a system failure occurs.If you want to find out how Windows uses drivers and memory, or want to analyze dump files for development, Windows Debugger can provide you with a lot of information.

  2. Download the Windows Software Development Kit (WDK). This program includes WinDBG - you use to open dump files. You can download WDK installer here.

  3. Run the file sdksetup.exe. This is the action to start the installer. Skip the first few screens and keep the default settings.

  4. Deselect everything except "Debugging Tools for Windows. You can deselect all other unnecessary functions when opening the dump file. This can save installation time and drive space.

  5. Wait for the file to download and install. This may take a few minutes.

  6. Open Command Prompt as administrator. You need to open Command Prompt to associate the .dmp file with WinDBG, so the program can parse the file. Start the Command Prompt in the "system32" folder.
    • Windows 10 and 8 - Right-click the Windows button and choose "Command Prompt (Admin)."
    • Windows 7 - Open the Start menu and type cmd. Press Ctrl+⇧ Shift+↵ Enter.

  7. Navigate to the debugger folder. Enter the command below to switch to the correct directory. If you're using Windows 10, you can copy and paste the command. For older versions, you have to type:
    • cd Program Files (x86) Windows Kits 8.1 Debuggers x64

  8. Enter the command to link to the dump file. Enter the following command to associate WinDBG with the.dmp file. Windows 10 users can copy and paste the following command:
    • windbg.exe -IA
    • If you enter the command correctly, a blank WinDBG window will appear, you can close this window.

  9. Start WinDBG. You need to configure WinDBG to download the correct file from Microsoft to open .mp file. You must do this when you open the WinDBG program.
    • The fastest way to start the program is to press the key ⊞ Win and type "windbg."

  10. Click "File" and select "Symbol File Path" (Path icon file). This will open a new window.

  11. Copy and paste the following address. This path will tell WinDBG to download the necessary icons from Microsoft, and store them at:
    • SRV * C: SymCache * http: //msdl.microsoft.com/download/symbols
    • The folder grows larger each time you open the debug file and load additional icons from Microsoft.

  12. Find the dump file you want to analyze. The file (.dmp) is generated when there is a system error. By default, you can find them in the directory after system restore. The file can also be located in a directory. If you can't find the file, you'll need to make adjustments to show hidden files:
    • On Windows 10 and 8, click on the "View" tab in Windows Explorer and uncheck the "Hidden items" dialog box.
    • On Windows 7 and earlier, open Folder Options in Control Panel, click the "View" tab, then select "Show hidden files, folders, and drives".

  13. Double click on the dump file. As long as you have configured WinDBG in accordance with the steps above, WinDBG will start up and process the file.

  14. Wait for the dump file to load. If it is your first time opening the dump file, you will need to wait for the icon to be downloaded from Microsoft. Do not interfere when the WinDBG program loads the file.
    • The next time the dump file will load faster because you have already downloaded the icon to the directory.
    • When you see it at the bottom of the file, the file has finished downloading.

  15. Look for the line "Probably caused by". This is the fastest way to find out the cause of the error. WinDBG will analyze the dump file and report which driver or process is causing the problem. You can use this information to fix the problem or do more research.

  16. Find the BugCheck code. The dump file will respond to the code of each error when a system failure occurs. Look for the code just below the "Probably caused by" line. You should see a 2-character code, for example "9F".
    • Access the Microsoft Bug Check Code Reference. Find the code corresponding to BugCode by 2 characters of each line.
    advertisement

More Details

Overcoming a sex addiction
Overcoming a sex addiction
Motivating yourself in the morning
Motivating yourself in the morning
Cleaning mirrors
Cleaning mirrors
Play Minecraft Multiplayer on an Xbox 360
Play Minecraft Multiplayer on an Xbox 360