2. Register Windbg for Dump Files (File Associations)

jcgriff2

Co-Founder / Admin
BSOD Instructor/Expert
Microsoft MVP (Ret.)
Staff member
Joined
Feb 19, 2012
Posts
21,541
Location
New Jersey Shore


SET WINDBG FILE ASSOCIATIONS

These simple commands will set Windbg as the default app to open files with file extensions .DMP, .HDMP, .MDMP, .KDMP and .WEW.

You can then double-click on a dump file and Windbg will start.

Bring up an Admin CMD prompt; enter these 2 line commands:
Code:
cd\Program Files (x86)\Windows Kits\10\Debuggers\x64

windbg.exe -IA
* Change line 1 to the folder containing your installed Windbg
* IA is case sensative

CMD Screen + Result of line 2 (Windbg will open):


- The above is from a Windows 10 x64 system (screens = W7 SP1 x64)
- Windbg version = Windows 10.0.x x64



Set Windbg to "Run as Admin" - RIGHT-click on Windbg.exe via Windows Explorer -
 
Last edited:
Add Windbg (kd>) Commands to Program Default for Dump Files

Most of us have Windbg set up as the default program for dump files - Register Windbg for dump files (File Associations)

Did you know that you can also add kd commands to run by default as well?

Simply setting up Windbg as the default program leaves Windbg at this point after double-clicking on a dump file -- waiting for you to enter additional commands at the kd> line such as !analyze -v -
Code:
[FONT=Lucida Console]*******************************************************************************[/FONT]
[FONT=Lucida Console]*                                                                             *[/FONT]
[FONT=Lucida Console]*                        Bugcheck Analysis                                    *[/FONT]
[FONT=Lucida Console]*                                                                             *[/FONT]
[FONT=Lucida Console]*******************************************************************************[/FONT]
[FONT=Lucida Console] [/FONT]
[FONT=Lucida Console]Use !analyze -v to get detailed debugging information.[/FONT]
[FONT=Lucida Console] [/FONT]
[FONT=Lucida Console]BugCheck 50, {fffff80011b0e74d, 8, fffff80011b0e74d, 2}[/FONT]
[FONT=Lucida Console] [/FONT]
[FONT=Lucida Console]Could not read faulting driver name[/FONT]
[FONT=Lucida Console]Probably caused by : ntkrnlmp.exe ( nt! ?? ::FNODOBFM::`string'+43346 )[/FONT]
[FONT=Lucida Console] [/FONT]
[FONT=Lucida Console]Followup: MachineOwner[/FONT]
[FONT=Lucida Console]---------[/FONT]

I changed my default set up to include these commands -
Code:
[FONT=Lucida Console]!analyze -v;r;kv;lmtn;lmtsmn;.bugcheck[/FONT]

So, when I double-click on a dump file, all of the basic commands that I like to run do so without me having to enter them at the kd> command line.

Try it out!

Back up your registry first (I opted to create a system restore point).

Maneuver to this registry key and add your default Windbg commands -

Code:
[FONT=Lucida Console]HKLM\SOFTWARE\Classes\WinDbg.DumpFile.1\shell\Open\command[/FONT]

The (Default) should look something like this (by default):
Code:
[FONT=Lucida Console]"C:\Program Files (x86)\Windows Kits\8.1\Debuggers\x64\windbg.exe" -z "%1"[/FONT]

I added the kd commands that I mentioned above:
Code:
[FONT=Lucida Console]"C:\Program Files (x86)\Windows Kits\8.1\Debuggers\x64\windbg.exe" -z "%1"[COLOR=#ff0000] -c "!analyze -v;r;kv;lmtn;lmtsmn;.bugcheck"[/COLOR][/FONT]

Double-clicking on a dump file now runs all of the commands in RED by default.

Please note that I made these changes yesterday for the first time, so it is far from 100% tested.

Regards. . .

John
 
I tried this right now and I found IA is case sensitive.
I.e., windbg -ia won't work, whereas windbg -IA will work.

Default folders: C:\Program Files (x86)\Windows Kits\10\Debuggers\x86 and C:\Program Files (x86)\Windows Kits\10\Debuggers\x64.

Therefore, if you installed windbg in its default folders, and after you opened an elevated command prompt, the command could be:
"C:\Program Files (x86)\Windows Kits\10\Debuggers\x64\windbg" -IA
Tried on OS: Win10 STD x64 v1703 b15063.540 (i.e. updated)

Win7 x86 (professional):
Default folder: C:\Program Files\Windows Kits\8.1\Debuggers\x86
Command: "C:\Program Files\Windows Kits\8.1\Debuggers\x86\windbg" -IA

:wave:
 
Last edited:
Thanks - I edited the tutorial, adding the instruction that "IA" is case sensitive.

John
 

Has Sysnative Forums helped you? Please consider donating to help us support the site!

Back
Top