How to Read Mini Dump Files in Windows

If your computer crashes, how can you find out what happened, fix the issue and it prevent it from happening again? You may find the small memory dump file useful in this situation. The small memory dump file contains the smallest amount of useful information that could help you identify why your computer crashed. The memory dump file contains the following information:

• The Stop message, its parameters, and other data
• A list of loaded drivers
• The processor context (PRCB) for the processor that stopped
• The process information and kernel context (EPROCESS) for the process that stopped
• The process information and kernel context (ETHREAD) for the thread that stopped
• The Kernel-mode call stack for the thread that stopped

Troubleshooting with WinDbg is an excellent way to begin software troubleshooting when hardware failures have been eliminated.

Installing the WinDbg Tool

Follow these steps to install the WinDbg Tool in Windows 11 or Windows 10:

1. Navigate to the Microsoft WinDbg download page in your preferred browser.
2. Click the Get (or Install/Open) button.
3. Click Open Microsoft Store in the popup dialog box.
4. Click the Install button.

   

5. Once installation is complete, click Launch.

Analyzing Dump Files

Follow these steps to open and analyze a Dump file in Windows 11 or Windows 10:

1. Click Search in the Taskbar and type WinDbg,
2. Right-click WinDbg and select Run as administrator.

   

3. Click the File menu.
4. Click Start debugging.
5. Click Open Dump file.

   

6. Select the Dump file from the folder location – for example, %SystemRoot%\Minidump.
7. Click Open.
8. Opening a Dump File may take several minutes. The progress bar is a handy indicator.
9. In the run command, type !analyze -v and press Enter.

   

10. Keep an eye on the progress bar until the analysis is complete (large Dump files may take a long time).
11. WinDbg will display the results of the analysis for review. Researching the results will lead to further troubleshooting steps and potentially reveal the cause of the error.

    

Using the Driver Verifier tool to Gather Information

Approximately 75% of blue screen errors are caused by driver issues. The Driver Verifier tool runs in real-time to examine the behavior of installed drivers. The driver verifier manager is built into Windows and is available on all Windows PCs.

Follow these steps to start the driver verifier manager:

1. Click Search in the Taskbar and type CMD in the field.
2. Right-click Command Prompt and select Run as administrator.
3. Type Verifier at a command prompt.

You can specify which drivers you would like to verify. The verify tool adds all drivers associated to the driver being verified as it runs, so try and verify the smallest number of drivers as possible.

For more information, see Driver Verifier.

WinDbg is a Microsoft tool. For more information on usage, see the following Microsoft articles.

1. Crash dump analysis using the Windows debuggers (WinDbg)
2. Analyzing a Kernel-Mode Dump File with WinDbg
3. Using the !analyze Extension and !analyze

Recommended Articles

Here are some recommended articles related to this topic that might be of interest to you.

• How to Export Windows Event Logs