User Initiated Kernel dump in Windows XP
Asked Answered
A

4

7

I remember watching a webcast from Mark Russinovich showing the sequence of keyboard keys for a user initiated kernel dump. Can somebody refresh my memory on the exact order of the keys.

Please note this is for XP.

Anitaanitra answered 12/9, 2008 at 15:30 Comment(0)
M
8

http://psacake.com/web/jr.asp contains full instructions, and here's an excerpt:

While it may seem odd to think about purposefully causing a Blue Screen Of Death (BSOD), Microsoft includes such a provision in Windows XP. This might come in handy for testing and troubleshooting your Startup And Recovery settings, Event logging, and for demonstration purposes.

Here's how to create a BSOD:

Launch the Registry Editor (Regedit.exe).
Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\i8042prt\Parameters.
Go to Edit, select New | DWORD Value and name the new value CrashOnCtrlScroll.
Double-click the CrashOnCtrlScroll DWORD Value, type 1 in the Value Data textbox, and click OK.
Close the Registry Editor and restart Windows XP.
When you want to cause a BSOD, press and hold down the [Ctrl] key on the right side of your keyboard, and then tap the [ScrollLock] key twice. Now you should see the BSOD.

If your system reboots instead of displaying the BSOD, you'll have to disable the Automatically
Restart setting in the System Properties dialog box. To do so, follow these steps:

Press [Windows]-Break.
Select the Advanced tab.
Click the Settings button in the Startup And Recovery panel.
Clear the Automatically Restart check box in the System Failure panel.
Click OK twice.

Here's how you remove the BSOD configuration:

Launch the Registry Editor (Regedit.exe).
Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\i8042prt\Parameters.
Select the CrashOnCtrlScroll value, pull down the Edit menu, and select the Delete command.
Close the Registry Editor and restart Windows XP.
Note: Editing the registry is risky, so make sure you have a verified backup before making any changes. 

And I may be wrong in assuming you want BSOD, so this is a Microsoft Page showing how to capture kernel dumps: https://web.archive.org/web/20151014034039/https://support.microsoft.com/fr-ma/kb/316450

Majunga answered 12/9, 2008 at 15:54 Comment(0)
P
1

As far as I know, the "Create Dump" command was only added to Task Manager in Vista. The only process I know of to do this is using the adplus VBScript that comes with Debugging Tools. Short of hooking into dbghelp and programmatically doing it yourself.

Pressroom answered 12/9, 2008 at 15:48 Comment(0)
M
1

You can setup the user dump tool from Microsoft with hot keys to dump a process. However, this is a user process dump, not a kernel dump...

Melanimelania answered 12/9, 2008 at 15:58 Comment(0)
B
0

I don't know of any keyboard short cuts, but are you looking for like in task manager, when you right click on a process and select "Create Dump"?

Belvabelvedere answered 12/9, 2008 at 15:43 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.