When a Windows 10 device crashes, information like time and causes about the malfunction will automatically be collected and stored in the Minidump files. But many users still struggle with “How to read memory dump files in Windows 10” because the files do not appear so easily on the Desktop.
If you have yet to discover the explanations for your Windows 10’s crash, regardless of when the incident was, follow the techniques we provide below to keep your device and, most importantly, your data from further dangerous risks.
Without further ado, let’s discover how to read memory dmp.
How To Read Memory Dump Files In Windows 10
We will introduce you to 2 ways to analyze these dump files using a windows dump analyzer.
Utilize BlueScreenView
BlueScreenView works as a minidump analyzer. During the blue screen of death crashes, this app will create minidump files and scan them for detailed analysis.
It displays the crash information in a table with a minidump filename, date and time, basic information shown on the blue screen, and names of some drivers of that accident.
Follow the milestones below to activate and use BlueScreenView within minutes.
Step 1: Download BlueViewScreen
You can download BlueViewScreen directly from NirSoft. You can find download links in the bottom line.
You should download the private program under ZIP format and start the program without installation.
When the download is finished, right-click and select “Extract” to create a new folder containing the program’s BlueScreenView. You could place it wherever you desire to.
Step 2: Run BlueViewScreen on your computer
Open the site and double-click on the BlueViewScreen icon to run the application.
When a crash occurs, minidump files will be created immediately with the ending .dmp. BlueViewScreen’s job is to read .dmp file for you.
After being opened, BlueViewScreen will automatically search for minidump files. The following photo describes how everything is displayed at this step.
The first category indicates the name of the dump file. An example, in this case, is 011720-27640-01.dmp.
Crash time shows when it happens.
Bug Check String is the error code, and Bug Check Code is the code to stop the error.
The most important categories are Dump File, Crash Time, and Caused By Driver. The date and time on Crash Time are displayed the same way as in the current device, making it easier to use.
To check out the driver that caused the damage in detail, perform a double click on it to look at the properties.
To find out the origin of your problem, right click on .dmp files and choose “Google Search-Bug Check+Driver”.
Apply Windows Debugger
Another memory dmp reader is Windows Debugger. Below is the step-by-step guide to run this tool.
1. Get the Windows 10 Software Development Kit (SDK) installed on your machine. Select “DOWNLOAD THE.ISO” from the drop-down menu. On your PC, you will see the most recent version of the SDK of Windows 10 after downloading.
2. Install the “KSDKWIN10 MULFRE EN-US DV9” package. On your PC, open the .iso file to see it.
3. To execute the setup on your PC, double-click on “WinSDKSetup.”
4. Select “Install the Windows Software Development Kit-Windows 10.0.18362.1 to this computer” in the Specify Location window, then click “Next“.
5. By clicking on “Browse,” you can change the installation directory of your computer.
6. When the “License Agreement” opens, start to install the kit on your computer by clicking “Accept.”
7. When prompted to “Select the features you want to install,” tick the “Debugging Tools for Windows”, then choose “Install.”
It will take some time to complete the installation.
8. After installation, just click “Close” to exit the window.
9. To access the Command Prompt window with administrator access, click Windows key+R to open the Run box , input “cmd” and hit the shortcut CSE (Ctrl,Shift, and Enter).
10. In the Command Prompt window, copy and paste these instructions separately, press Enter after each one to run them on your PC in order.
cd\Program Files (x86)\Windows Kits\Debuggers\x64\
windbg.exe -IA
11. Type “windbg” into “Search” on the taskbar, right-click on “WinDbg(x64)*” then select “Run as administrator” to launch WinDbg. The WinDbg box will open.
NOTE: To open this window, select the appropriate “WinDbg” version based on your system’s CPU (x64-bit or x86-bit).
12. In the WinDbg window, just choose “File” then “Symbol File Path.”
13. Copy this command and put it into “Symbol path” in the Symbol Search Path window. Finally, save it by clicking “OK.”
SRV*C:\SymCache*http://msdl.microsoft.com/download/symbols
14. To save the changes, click “File” and then “Save Workspace.”
15. On your PC, press Windows key+R to open Run. Enter the folder location by typing or copy-pasting this text.
C:\Windows\Minidump
16. Double-click the .dmp file you wish to inspect on your device in the Minidump folder.
WinDbg will be used to open the minidump file.
If WinDbg has read .dmp files on your PC for the first time, loading the Kernel symbols will last quite long. The whole thing operates in the background. Don’t interrupt WinDbg if it seems to be stopped or unresponsive.
17. Once you’ve downloaded Kernel to your machine, use “!analyze -y” to fully analyze of the problem.
18. Now, please wait while the crashed data is examined. After the analysis is complete, look for “MODULE NAME” and select the corresponding name to learn more about the file that caused the problem. You can see an example in the picture below.
19. Press Ctrl+F to run the Find window, then type the phrase “probably caused by” and click “Find Next.”
You’ll be able to observe what has driven your system to crash. Below the source of the problem, you’ll see the “BugCheck” code. Check the code according to the Microsoft BugCheck Code Reference list to determine the problem’s origin.
Conclusion
There are two most common ways to read memory dump files. Both of them are convenient and effective so you have your choice of either using BlueScreenView or Windows Debugger.
Hopefully this article can puzzle out your worries about “How to read memory dump files in Windows 10”.
Also, remember to always save your data at important points to avoid losing important pieces of information.
