Friday, July 13, 2012

Notes WinDBG


This article shows how to get, install and use WinDBG.

Goal: To analyse *.dmp files from a Blue Screen of Death (BSOD)

OS: Windows 7 SP1 or Windows Server 2008 R2

Ref: http://windows7themes.net/how-to-open-dmp-files-in-windows-7.html


1. To get the WinDBG.exe, go to:
http://www.microsoft.com/en-us/download/details.aspx?displaylang=en&id=8279
This is the site called Microsoft Windows SDK for Windows 7 and .NET Framework 4

Discovering this site was a challenge. I first typed "windbg" into Google. Then the usual Microsoft runaround actually pointed to the Windows 8 RC version of this tool. But the link above is the correct one for Win7 and Win 2008 Server R2.

Although we need WinDBG only, it comes as part of the Windows Driver Kit or the SDK as well.
The site above lets you download "winsdk_web.exe" 498K. This is a web setup - which is why the size is so small.



2. Install WinDBG.
Click on winsdk_web.exe
You may get an error if you choose to install everything.
I needed WinDBG only so I selected the following to install:
- .Net Development
    Intellisense and Reference Assemblies
    Tools
- Common Utilities
    (ALL)
- Redistributable Packages
    Debugging Tools

3. Run WinDBG.exe
When installed properly, it is generally located in:
C:\Program Files\Microsoft SDKs\Windows\v7.1\Redist\Debugging Tools for Windows
.... or something like that.

From the Start Menu, type WinDBG on the search bar.

Or from the Start Menu - All Programs - Debugging Tools for Windows - WinDBG


4. Get Debugging Symbols
This is a one time setup.
- Create a new folder called C:\Symbols
- Open WinDBG
- Click on File – Symbol File Path
- Insert the following path:
SRV*C:\Symbols*http://msdl.microsoft.com/download/symbols


5. Analyse DMP files.
Usually BSOD dump files are located in: C:\Windows\Minidump....
In WinDBG, click File - Open Crash Dump, then select your dump file.

Some information is displayed in the window. If you need more information, click on the text "!analyze -v" in the WinDBG window.
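
Steps 4 and 5 can also be run without the GUI over every dump in the folder. The script below is an added example, not part of the original post: it uses cdb.exe, the console debugger that ships in Debugging Tools for Windows next to WinDBG, with the same symbol path and the same "!analyze -v" command. The cdb.exe location must be supplied by you, and the report folder C:\DumpReports is a made-up name.

```powershell
# Added example: batch form of steps 4 and 5. Run from an elevated prompt,
# since C:\Windows\Minidump is normally readable by administrators only.
param(
    # Full path to cdb.exe; depends on where the installer put the debugging tools.
    [Parameter(Mandatory = $true)][string]$CdbPath,
    [string]$DumpDir   = 'C:\Windows\Minidump',
    [string]$SymbolDir = 'C:\Symbols',
    # Hypothetical output folder for the per-dump text reports.
    [string]$ReportDir = 'C:\DumpReports'
)

# Return the value of one "NAME: value" line from the !analyze -v output.
function Get-AnalyzeField([string[]]$Lines, [string]$Name) {
    $pattern = '^{0}\s*:\s*(.+)$' -f [regex]::Escape($Name)
    $hit = $Lines | Select-String -Pattern $pattern | Select-Object -First 1
    if ($hit) { $hit.Matches[0].Groups[1].Value.Trim() } else { '' }
}

if (-not (Test-Path -LiteralPath $CdbPath)) { throw "cdb.exe not found at $CdbPath" }
New-Item -ItemType Directory -Force -Path $SymbolDir, $ReportDir | Out-Null

# Same symbol path as entered in WinDBG in step 4.
$symPath = "SRV*$SymbolDir*http://msdl.microsoft.com/download/symbols"

$dumps = @(Get-ChildItem -Path $DumpDir -Filter *.dmp -ErrorAction Stop)
if ($dumps.Count -eq 0) { Write-Warning "No .dmp files in $DumpDir"; return }

$dumps | Sort-Object LastWriteTime | ForEach-Object {
    # -z: dump file to open, -y: symbol path, -c: commands to run, then quit.
    $lines = & $CdbPath -z $_.FullName -y $symPath -c '!analyze -v; q' 2>&1 |
             ForEach-Object { "$_" }

    # Keep the full analysis next to a one-line summary per dump.
    $lines | Set-Content -Path (Join-Path $ReportDir ($_.BaseName + '.txt'))

    New-Object PSObject -Property @{
        Dump     = $_.Name
        Written  = $_.LastWriteTime
        CausedBy = Get-AnalyzeField $lines 'Probably caused by'
        Image    = Get-AnalyzeField $lines 'IMAGE_NAME'
        Bucket   = Get-AnalyzeField $lines 'FAILURE_BUCKET_ID'
    }
} | Select-Object Dump, Written, CausedBy, Image, Bucket | Format-Table -AutoSize
```

A driver or module that shows up in the CausedBy or Image column across several dumps is the first thing to look at; the full "!analyze -v" text for each dump is in the report folder.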
