How to open DMP files in Windows 7?

DMP files (dump files) are useful for debugging Windows 7, so you should know how to open and read DMP files in Windows 7 if you want to debug Windows 7. It’s very easy to open DMP files, the difficult part is locating the actual problem and analyzing the DMP file.

How to open DMP files in Windows

In order to open and view DMP files in Windows 7, you first have to install a driver kit and set the symbol path. This will allow you to open DMP files. DMP, dump files are there for you to debug your system, so there’s no way around this.
This shouldn’t take longer than 10 minutes, but if you have a slow connection, downloading the 700MB ISO file (debugging tools) might take a while.

1. Download Windows Driver Kit

To open DMP files, you will need the Windows Debugging Tools (additional download). The Debugging Tools are included in the Windows Driver Kit Version 7.1.0. You have to download this ~700MB large ISO file from Microsoft first.

Download Windows Driver Kit Version 7.1.0

2. Install Driver Kit

I’m usually to lazy to burn ISO files, so I use some tools to open the ISO files and extract the files on it.
So, open the ISO file and extract everything. In the Debuggers directory you will find a x32 and x64 installer for the Windows Debugging Tool. Make sure to install the correct one!

64-bit Windows 7: Run setup_amd64.exe
32-bit Windows 7: Run setup_x86.exe

Important: Select Custom installed and change the location to e.g. C:\Debug\ it will make things easier if you don’t like typing the full path.

Don’t know how to open ISO files? Read this: How to open ISO files in Windows 7

3. Open WinDBG

Either go directly to C:\Debug (or wherever you installed the debugging tools to) and click on windbg.exe:

Debug Tools Windbg.exe

Or open WinDBG via the Start Menu:

Open WinDbg

Set Symbol File Path

1. Step Create a new folder on your main drive and call it “Symbols”, e.g. C:\Symbols

2. Step Click on “File” – “Symbol File Path …”:

WinDBG Set Symbol File Path

3. Step Insert the following path:

SRV*C:\Symbols*http://msdl.microsoft.com/download/symbols

Replace “C:\Symbols” with your own folder if you created it somewhere else in step 1.

Open DMP file via WinDBG (CTRL+D)

WinDBG still opened? Good, the quickest way to open DMP files now is the shortcut CTRL+D or go to “File” and click on “Open Crash Dump File..”:

WinDBG Open Crash DUMP DMP File Windows 7

Where are DMP files located?

DMP files are located at O:\Windows\Minidump!

You can change the location where they are stored.

Can’t open DMP files? Permission Error!

If you are receiving a permission error like the one below, you have to take ownership of the DMP files first.

How to open Crash DMP file: Permission error

Usually, the owner is not even set:
Unable to display Current owner

Important: If you still receive the error “you don’t have permission to open this file, contact the system administrator”, copy the DMP file that you want to open and copy it into a subfolder, then it will work.

Let’s analyze the DMP file!

When you’re asked if you want to save the workspace, click yes. WinDBG will now open the DMP file and process it. This will take some time! Have some patience.

Here’s the first Bugcheck Analysis:
DMP Bugcheck Analysis

Of course, we want to dig a little deeper and enter !analyze -v to get detailed information. Now, below the next paragraph “Bugcheck Analysis” you will find some more concrete details. For my DMP file it read:

DRIVER_CORRUPTED_EXPOOL (c5)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is
caused by drivers that have corrupted the system pool. Run the driver
verifier against any new (or suspect) drivers, and if that doesn’t turn up
the culprit, then use gflags to enable special pool.
Arguments:
Arg1: 0000000000000008, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, value 0 = read operation, 1 = write operation
Arg4: fffff80002c03000, address which referenced memory

In this case I had some corrupt drivers that attempted to access a IRQL that is too high, so my conclusion was to check my drivers. Now that you know the concrete error (my case: DRIVER_CORRUPTED_EXPOOL), you can also do some research and possibly find people with the same problem.

Sidenote: To run the driver verifier enter “verifier” into an elevated command prompt (how to open command prompt), you can then check the settings of currently loaded drivers for example. Keep in mind that this is advanced stuff, so you would have to do some research about it first.

I hope that this helped out some of you guys who wanted to open DMP files. Once you get used to reading DMP files, they can be handy for finding and solving problems in Windows 7 and Windows in general.

Twitter.png Facebook.png GooglePlus.png Pinterest.png LinkedIn.png Tumblr.png Email.png
4.8 of 5 0 (96%) 24 votes
- Cheers!

Tags: ,