Trouble shooting stop Errors and the memory dump
Or so you have a BSOD and you don’t know why

To determine what happened first you will need to ensure that the computer did make a physical memory dump file.

Go to “C:\WINNT\” or “C:\WINDOWS” and look for a folder called MINIDUMP or a file called MEMORY.DMP

The files you will need to analyze will be one of those

To actually analyze the file you will need to use a toolkit. And no I’m not talking about a sledgehammer and crowbar. I am referring to the Debugging Tools for Windows Available here http://www.microsoft.com/whdc/devtools/deb...installx86.mspx

After you have downloaded and installed the toolkit you will be ready to get into the nuts and bolts about figuring out what the hell is going on.

Click Start>Programs>Debugging Tools for Windows>WinDbg

You will be presented with a program that looks kind of like notepad.

Next we need to set a variable to fully decode the memory dump file.


Click on File, Symbol File Path and paste this string in the box

SRV*c:\symbols*http://msdl.microsoft.com/download/symbols

Click ok and then save the workspace (so you don’t have to enter that string every time once again it would be nice for Microsoft to actually be proactive.

To open the memory dump and look at it you will need to click on File > Open Crash Dump. And browse to the path where you found your memory dump earlier.

Double click on the dump file you want to analyze and go get a cup of Coffee, as this will take a few minutes.

You will get a dump file that resembles the below when you get back



Now to decipher the dump report

Under the Bug Check {} those are the stop codes googling those particular codes will give you information that may or may not be benificial to your troubleshooting

And looking up the Probably Caused By: will give you an ides on where to start troubleshooting

Luckily for me when my PC did this it was right after I just installed a mouse and was able to get a patch to fix the mouse driver that was crashing my kernel (testing a USB laser mouse instead of my PS2 Optical)

I hope you have found this little write up enlightening as it was for me to write it.

Carl

Nice, the perfect First Responce to the pesky BSOD.

Great Tutorial.

Oh I just got the September 2006 Maximum PC sitting on my desk apparently they and they have an article that would be a good mate with this tutorial.

it goes in to specific trouble shooting beyond the device driver level that I touched upon here.

Pages 42-50

I hit the photo copier and made a copy for the other techs I work with.

I did all of the steps but when I try to analyze the memory dump file it says that the "debugee is not connected" Any more ideas?

Attach the minidump file here and Ill take a look when I have time.

After going through a bunch of Minidump files this week that disconnected to debugee is normal you just need to wait a while as the program decodes the dump.

The computer you are using to analyze the dump needs to have a internet connection as it downloads the symbols as needed on the fly.

I wanted to try these steps because when I try to start my computer I get the blue screen with the physical memory dump message. However, windows 2000 won't open, so I have to go in through "safe mode". When I tried downloading the debugger program windows won't let me because I'm in safe mode. Any other suggestion?

Thanks