Ok, before I go to bed, here's a quick run through of the MS Debugger.
You can grab the debugger from
http://www.microsoft.com/ddk/debugging/default.asp
After you've downloaded the debugger, click the Symbols link and there's an explination there of how to download kernel symbols.
Start the debugger, click file, source file path, and set that to C:\Windows\System32 (assuming that path is right to your system32 folder, and if it complains about not being able to load files, try either %systemroot% or C:\Windows) and do the same for Image File Path.
You'll then set the Symbol Path from the directions on the link, changing downstream store to the place on your hdd you want to store downloaded kernel symbols.
From there, you can do a few things, debug the windows kernel, attach the debugger to and debug a running process, debug a C source file, debug an exe, or debug a minidump. I haven't played around with any of the options other than debugging a minidump.
Choose file \ open crash dump, navigate to your Minidump folder after a blue screen, open the minidump, let it save workspace information, and then you'll get two windows.
One is line by line the assembly code for what's in memory when the crash happened, all jibberish to me
, and the other is a screen that will look like what I pasted above. Play around with your image and source paths if you get files could not be loaded errors. Once it's done, type !analyze -v to get a detailed analysis, and it will usually be able to tell you the exact file or files that caused the system to crash, using the one above as an example it would be something like this:
UdfReadr.sys was loaded in ram, conflicted with ntoskrnl.exe, and that caused the machine to crash.
If you need anymore of an explination I'll be happy, just ask
, for now, I must sleep, got classes at 8am, lol.
) 
Linear Mode
