Look at the operating system version and SP details from the dump in WinDbg..

This is a very common question, we encounter almost all the times.

Just imagine a situation, we have got a memory dump from somewhere and want to see what operating system which is run there and what SP is installed.. For this, there is a very simple command.


Windows Server 2003 Version 3790 (Service Pack 2) MP (4 procs) Free x86 compatible
Product: Server, suite: TerminalServer SingleUserTS
kernel32.dll version: 5.2.3790.4062 (srv03_sp2_gdr.070417-0203)
Debug session time: Tue Oct 30 05:54:21.000 2007 (GMT+5)
System Uptime: 3 days 8:21:53.750
Process Uptime: 0 days 4:28:05.000
  Kernel time: 0 days 0:00:34.000
  User time: 0 days 0:09:37.000

Stay tuned.. Wave

Comments (0)

Skip to main content