Forcing system crash to dump memory and troubleshooting

by dakseven, posted in Windows 7, Windows 8, Windows 8.1, Windows server 2012, Windows server 2012 R2

error

Windows often generates a memory dump event on a critical hardware error because of a software fault . Is known as blue screen of death or a bugcheck . Maybe in some situations is useful to manually force it and generate de DMP file .

Example : The computer hangs when opening app or something . then we can manually generate this File to troubleshoot it

To activate this manual crash we must realize some changes in the windows registry ()

Prerequisites:

Most of the following keyboards can cause a system crash directly:

PS/2 keyboards connected on i8042prt ports
This feature is available in Windows 2000 and later versions of Windows operating system.

USB keyboards
This feature is available in:

  • Windows Server 2003 Service Pack 1 if the hotfix available with KB 244139 is installed.
  • Windows Server 2003 (with Service Pack 2 or later).
  • Windows Vista Service Pack 1 if the hotfix available with KB 971284 is installed.
  • Windows Vista Service Pack 2.
  • Windows Server 2008 Service Pack 1 if the hotfix available with KB 971284 is installed.
  • Windows Server 2008 (with Service Pack 2 or later).
  • Windows 7 and later versions of Windows operating system.

Note  This feature is not available in Windows XP.

  1. With PS/2 keyboards, you must enable the keyboard-initiated crash in the registry. In the registry keyHKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\i8042prt\Parameters, create a value namedCrashOnCtrlScroll, and set it equal to a REG_DWORD value of 0x01.
  2. With USB keyboards, you must enable the keyboard-initiated crash in the registry. In the registry keyHKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\kbdhid\Parameters, create a value namedCrashOnCtrlScroll, and set it equal to a REG_DWORD value of 0x01.
  • To create a complete dump file edit the following registry key

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\kbdhid\Parameters

value  CrashOnCtrlScroll on 0x01

  • Ensure you have this key activated with the 0x01 value written on it

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControl

value CrashDumpEnabled on 0x01

Once you’ve finished with the registry changes PRESS:  RIGHT CONTROL + TWICE SCROLL LOCK 

You will be able now to dump into a file the memory ( You will see “User manually generated the crashdump”)

image65

Enjoy

Advertisement

Published by dakseven

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.