Analyze a BlueScreen Dump File

Although this sounds like a difficult task, it is much easier than you may think. When a computer (Microsoft Windows made famous) bluescreens, the operating system is intelligent enough to save as much information as it can on what caused the problem. To ensure you have Memory Dumps enabled, right click on My Computer -> Properties -> Advanced Tab -> Settings under Startup and Recovery -> Make sure something is selected under Write debugging information. Directly below, you will see the location of the dump file.

The dump file will be located in one of two locations:

C:\Windows\MiniDump\\*.dmp (usually desktop operating systems)

or

C:\Windows\MEMORY.DMP (usually server operating systems)

You will need to install the Windows Debug Tools from the location specified in the script and then open up a command prompt from the C:\Program Files\Debugging Tools for Windows location. Copy and paste the last line of the script or drag/drop the script below into the command prompt window and press Enter. Click through any prompts and the output should list any .dll or .sys files causing the problem. Then Google for a solution. Google is your friend.

Also, please be sure you have an i386 folder on the root of your C: drive (C:i386) or put in your Windows CD and change the code from C:\i386 to D:\i386 if the D: drive is your CD drive.

Place the script below in a *.CMD file.

REM Use this script to read a Windows Dump file from a Bluescreen
REM http://support.microsoft.com/kb/315263
REM Install the Windows Debug Tools from http://www.microsoft.com/whdc/devtools/debugging/default.mspx
REM CD to "C:\Program Files\Debugging Tools for Windows"
windbg -y srv*c:\symbols*http://msdl.microsoft.com/download/symbols -i "C:I386" -z "C:\Windows\MiniDump\Mini021711-01.dmp"