- Download windbg 32 bit or 64 bit version
- Create folder C:\WebSymbols
- In windbg, click File, Symbol File Path, and enter: SRV*c:\websymbols*http://msdl.microsoft.com/download/symbols
- Click File, Open Crash Dump, and browse to the dump file. eg. C:\Windows\MEMORY.DMP. If you get the message "Debugee not connected" this is normal, just wait as the program is decoding the dump
- Type !analyze -v
Note: Ignore any messages about missing symbol files for kernel32!pNlsUserInfo, when using windbg version 6.8.0004.0 (more information).
More info on using the Microsoft Symbol Server (step 3).
Other Web Resources:
- Complete memory dumps are not available on computers that have 2 or more gigabytes of RAM
- Troubleshooting Windows STOP Messages
- Windows crash debugging
- Basic steps to analyze a dump file (Mark Minasi's Reader Forum)
- Using Microsoft's x86 Kernel Debugger
- Peter Gallagher blogs about how to quickly debug a BSOD
- Understanding Pool Consumption and event 2020 or 2019
Random Links I haven't read yet:
- http://channel9.msdn.com/ShowPost.aspx?PostID=335605
- http://www.tech-archive.net/Archive/...ads.html#00009
- http://www.microsoft.com/downloads/d...DisplayLang=en
- http://download.microsoft.com/downlo...0Debugging.pdf
- http://www.tech-archive.net/Archive/.../msg02956.html
- http://www.eggheadcafe.com/software/...memorydmp.aspx
- http://www.tellingmachine.com/post/2...ue-Screen.aspx
