Learning BSOD Analysis: Getting Started

Learning BSOD Analysis: Getting Started

This is part 1 of the learning path “Learning BSOD Analysis” in this post we will cover all the tools you need and how to set them up, so you can start analyzing BSODs.

This learning path has a normal difficulty, people interested in Windows and computers can follow this guide, it’s not intended for people who only use their system for document processing due to the terminology used.

If you already have WinDbg and have it set up to the MSDN Symbol then you can skip this post and continue to the next one.

 

Don’t forget to subscribe to WindowsInstructed! You can do this on the homepage or by registering an Account with WindowsInstructed. We won’t sent you spam, only the latest website updates, new content and from time to time helpful information!

Getting the tools

To debug Windows Crash Dumps (BSOD dumps) you’ll need the right tools. We will use Windows Debugging Tools in this learning path.

You’ll first need to download and install it, you can download it here:

Windows 7 and below Windows 8 and up

Installing the tools

After you’ve downloaded the correct debugging tools, you’ll need to install them. In this post I will use Windows 8 to install them, so if you downloaded the Windows 7 version things could look different.

  1. Start the installation process
  2. Set the installation path, I will use the default installation location, then click on Next
  3. Choose if you wish to join CEIP (it does not matter for the software) and then click on Next
  4. Read and accept the Software License
  5. Deselect all options, and only select Debugging tools for Windows.2014-05-30_11-33-36
  6. Click the Install button, then wait for the installation to complete.

Configuring the tools

Before you will be able to analyze crash dumps, you’ll need to set up the software, we will cover that part now.

  1. Open WinDbg (x64 or x86, I normally use x64)
  2. Click on File
  3. Click on Symbol File Path…2014-05-30_11-37-55
  4. Set the following file path:
    http://msdl.microsoft.com/download/symbols2014-05-30_11-40-12
  5. Click on OK

 

WinDbg is now installed and configured to be able to read dmp files created by a BSOD.

Opening a BSOD (dmp) file.

Another important thing to learn, is how to actually open a BSOD file created on your system and where to find them!

Finding the BSOD files.

Windows should normally automatically create a dmp file after the system has crashed, this dmp file includes all the information the system was doing at the moment of the crash. A sort of blackbox airplanes have.

The default location is: X:\Windows\MiniDumps\ (replace X with your operating system drive, C in most cases)

Opening the BSOD File.

WinDbg can only open one dmp file at a time, to open your dmp files within the program follow these steps:

  1. Click on File
  2. Click on Open Crash Dump
  3. Open the DMP file

 

This was part one of learning BSOD analysis, you should now be able to:

  1. Install Windbg
  2. Configure Windbg
  3. Finding a DMP File
  4. Opening a DMP File.

To continue read “Learning BSOD Analysis: Your first analysis in WinDbg”. Don’t forget to share it on your social media, other people might be interested in learning BSOD Analysis as well!

Next lesson

No Responses

Leave a Reply

News Previews Troubleshooting Useful Tips
Change PC Settings
FIX: Change PC Settings button is not working in Windows 8.1
CMD Commands
FIX: Windows Resource Protection could not start the repair service
update
Windows Update 800004005
Installation Recovery Security Troubleshooting Tweaks Useful Tips
Change PC Settings
FIX: Change PC Settings button is not working in Windows 8.1
CMD Commands
FIX: Windows Resource Protection could not start the repair service
windows 8024a000
Windows Update Error Code 8024A000
Installation Recovery Security Troubleshooting Tweaks Useful Tips
CMD Commands
FIX: Windows Resource Protection could not start the repair service
windows 8024a000
Windows Update Error Code 8024A000
7389234452_8b58c65c48_z
FIX: KB2952664 Fails with Error Code 80242016
Advanced Beginner Expert Immediate
mascot01 (1)
Windows: Did you Know? Tips and Tricks #1
Top secret - Windows 8
Must know Windows 10 Secrets
2014-09-19_0-26-08
Learning: Killing processes with Powershell

Sorry for interrupting

WindowsInstructed has a monthly update with the best comics, memes, tutorials and troubleshooting guides. This update is delivered right to your mailbox. Do you like learning more about Windows? Have access to unique discounts? and have a good laugh? Then subscribe to our newsletters.

  • Monthly Update
  • Access to Unique Discounts
  • Access to Pre-versions of software
  • The latest Windows tutorials
  • and so much more.