Archive for January 8th, 2009

Where did the crash dump come from? (Part 2)

Thursday, January 8th, 2009

Part 1 focused on using a debugger to extract a computer name from memory dumps. Here is a very simple approach for user dumps using built-in command line tools:

C:\UserDumps>findstr "COMPUTERNAME=" new_0200_2008-04-28_14-11-54-937_0cb0.dmp

Most of the time the last portion of output contains something like this:

..CommonProgramW6432=C:\Program Files\Common Files..COM
PUTERNAME=HOME-PC....ComSpec=C:\W2K3\system32\cmd.exe..
..♀.FP_NO_HOST_CHECK=NO...♂.HOMEDRIVE=C:......HOMEPATH=
\Documents and Settings\User...........................
.LOGONSERVER=\\SERVER..∩...NUMBER_OF_PROCESSORS=1...δ..
;..Φ;..╨α,.~........²²²²COMPUTERNAME=HOME-PC.²²²²

If we don’t see the variable we can redirect the output into a text file and look in it or simply open a dump in any hex editor and search for a UNICODE string.

- Dmitry Vostokov @ DumpAnalysis.org -

Posted in Crash Dump Analysis, Debugging, Software Technical Support | 2 Comments »

MDAA Variety on Creme and White Paper

Thursday, January 8th, 2009

Which paper type do you prefer? Paperback Memory Dump Analysis Anthology volumes are printed on creme paper. Hardback volumes sold on Amazon are also printed on creme paper but Lulu uses white paper for them. Full color hardback Volume 1 Collector’s Edition is printed on white paper too and sold on Lulu only. I chose creme paper for Amazon and other distribution channels because I read that this type of paper is easier to read. So if you like text printed on white paper your only option at the moment is to buy a hardcover on Lulu.

Here is a stack of all different types of volumes:

From top to bottom:

  • - Paperback Volume 1 on crème paper (Lulu, Amazon, B&N, … )
  • - Hardcover Volume 2 on crème paper (Amazon, B&N, … )
  • - Paperback Volume 2 on crème paper (Lulu, Amazon, B&N, … )
  • - Hardcover Volume 1 on crème paper (Amazon, B&N, … )
  • - Hardcover Volume 1 on white paper (Lulu)
  • - Hardcover Volume 2 on white paper (Lulu)
  • - Hardcover Volume 1 Collector’s Edition on white paper (Lulu)

- Dmitry Vostokov @ DumpAnalysis.org -

Posted in Books, Crash Dump Analysis, Debugging, Publishing | No Comments »

Bugtation No.81

Thursday, January 8th, 2009

“One must look for one” bug “only, to find many.”

Cesare Pavese, This Business of Living: Diaries 1935-1950

- Dmitry Vostokov @ DumpAnalysis.org -

Posted in Bugtations, Debugging | 1 Comment »