Taking the User-Mode Dumps on Windows 2008 Server, Windows 7

Hi All,

 

We can use Debug Diagnostics 1.2 on windows 2008 and Windows 7. Please visit KB https://support.microsoft.com/kb/2580960 for more information.

 

Also Windows 2008 and Windows 7 has got WER services which can take the User-Mode crash dump. This works very well for x64 versions too.

 

To configure WER services please visit the below link :

 

Collecting User-Mode Dumps

https://msdn.microsoft.com/en-us/library/bb787181(VS.85).aspx

 

Starting with Windows Server 2008 and Windows Vista with Service Pack 1 (SP1), Windows Error Reporting (WER) can be configured so that full user-mode dumps are collected and stored locally after a user-mode application crashes.

 

For example if my IIS 7 worker process i.e. w3wp.exe is crashing then I need to configure below.

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\LocalDumps\w3wp.exe]

"DumpFolder"= REG_EXPAND_SZ: c:\temp

"DumpCount"=dword:00000005

"DumpType"=dword:00000002

 

And above registry settings will give you 5 dumps for w3wp.exe if it crashes.

 

Collecting User-Mode Hang Dumps

 

For taking hand dumps in Windows 7 and Windows 2008 server, we need to figure the hung process. Open task manager >> figure out the hung process >> right click on the hung process >> click “Create Dump File”. And dump will be taken on the temp path. The path will be shown in the dialogue box. Press Ctrl + C on the dialogue box and message(path) will be copied to the clipboard.

 

 

 

This applies to x64 versions as well. For advanced users there is always "Debugging tools for Windows"

https://www.microsoft.com/whdc/DevTools/Debugging/default.mspx

 

	Install Debugging Tools for Windows 32-bit VersionDownload page for the latest 32-bit packages.
	Install Debugging Tools for Windows 64-bit VersionsDownload page for the latest 64-bit packages.