Analyse system crashes
Windows is creating a minidump whenever it's crashing. This minidump contains data that was stored in part of the memory. The interesting aspect of this procedure is that it's relatively easy to analyse the minidump using the Debugging Tools for Windows [link]. The tool has a size of roughly 18 Megabytes and is compatible to Windows XP, Vista and Windows Server 2003 and 2008.
After installing and starting the Microsoft Debugging Tools for Windows you should add a Symbol File Path to the software by clicking on File > Symbol File Path. Enter the following information in the text field: SRV*e:\symbols*http://msdl.microsoft.com/download/symbols with e:\symbols being an empty directory on your hard drive which can be changed to any other directory. Data will then be automatically downloaded from the Microsoft server. Symbols enhances debugging by automatically retrieving debugging files for various Microsoft products during a debugging session.
The next step would be to load the last minidump which is accessible in the Windows directory. A click on File > Load Crash Dump will load the minidump which takes about 20-30 seconds.
If everything went fine until this point you will see information like the one above which gives a first indication on the type of problem and file and / or hardware involved. The parameter DEFAULT_BUCKET_ID displays the type of error, for instance driver fault and process name lists the process that was involved.
Clicking on the !analyze -v link will display in depth information about the crash. The next steps depend on the type of information that you get. I usually start by doing a search on the files and error messages mentioned in the debugger which usually provide enough information to fix the issue.
Software errors for instance could be fixed by updating the software or uninstalling it if it's not necessary. Hardware errors are more often than not driver related which means a driver or bios update could fix the error.
Advertisement
Thanks for posting this – it was just the kickstart I needed to diagnose my SP3 woes.
Thanks for the info. I’ve got blue screen crashes for a couple months now in vista. I think it most be something with the drivers of the graphic card but I am not sure. I hope this tool will bring me further to the solution.
I can’t come further than the minidump. I could not find it in the directory. Do you know why? Because I have had blue screens for many times no, so there should be a dump file, or not?
maybe it’s deactivated. Make also sure the Error Reporting Service is running, not sure if any other services are needed though.
Configure the dump type
To configure startup and recovery options to use the small memory dump file, follow these steps.
Note Because there are several versions of Microsoft Windows, the following steps may be different on your computer. If they are, see your product documentation to complete these steps.
1. Click Start, point to Settings, and then click Control Panel.
2. Double-click System.
3. Click the Advanced tab, and then click Settings under Startup and Recovery.
4. In the Write debugging information list, click Small memory dump (64k).
To change the folder location for the small memory dump files, type a new path in the Dump File box (or in the Small dump directory box, depending on your version of Windows).