When a driver causes a Blue Screen of Death (BSOD) error, you can find out what happened with Event Viewer. However, its database is often hard to analyze, especially for less experienced users. As part of the Windows 10 Software Development Kit (SDK), Debugging Tools for Windows (WinDbg) is designed to make troubleshooting those errors easier. And for even faster analysis, you can also use BlueScreenView.
What Causes BSOD Errors?
While these errors can come from hardware or software, many BSOD errors are caused by damaged drivers. In our example case, we’ll look at a BSOD caused by “DRIVER_IRQL_NOT_LESS_OR_EQUAL.” This error occurs when a driver tries to write to a memory address that doesn’t exist, and it causes a system crash. The solution to a problem like this will typically determine the driver responsible for the crash, and then update or reinstall it.
1. Download BlueScreenView from the developer’s website. Click “Download links are at the bottom of the page,” then “Download BlueScreenView 64-bit (in Zip file).”
2. Extract the ZIP archive in Explorer.
3. You can move the extracted directory to Program Files, but you don’t have to. It will also run from your Downloads folder.
Using BlueScreenView to Analyze a Minidump
When your computer crashes with a BSOD (AKA a STOP error), it quickly creates what’s called a “minidump.” This file is a useful, if cryptic, error log that can help you understand why your computer crashed. Unfortunately, they’re a little impenetrable, and Windows’ default Event Viewer doesn’t make analyzing them any easier. BlueScreenView simplifies minidump analysis by translating the text file into a graphical interface and highlighting driver errors.
1. Open BlueScreenView.
2. When the application opens, it will automatically show you the contents of the most recent minidump file.
3. Driver errors will be highlighted in red. As you can see, it looks like I have two errors here: one on “L1C63x64.sys” and another on “ntoskrnl.exe.” The “.sys” file is really what interests me, since that’s a driver. The other file is the Windows kernel which will be blamed in most BSOD errors, but there’s nothing wrong with it.
4. To find out more information about the error I’m interested in, I’ll click on “L1C63x64.sys,” and then click the “Properties” icon in the menu bar.
5. In this new window, I can see more information about the driver. Most importantly, I can see that the driver is associated with the Qualcomm Ethernet chip on my PC’s motherboard. This is vital, since now I know where to go to update the driver.
6. If you’re still stumped, you can choose “Google Search – Bug Check + Driver” from the File menu to automatically start a Google search for the stop code and the driver that was culpable.
Install Debugging Tools for Windows
Also known as WinDbg, Debugging Tools for Windows can be downloaded as part of the Microsoft SDK.
1. Download the installer file for the Windows SDK.
2. Run the installer. Make sure the tick box next to “Debugging Tools for Windows” is checked. If you want to install all the components of the SDK, feel free, but you only need to install the Debugging Tools.
3. After you’ve checked off everything you want to download, click the “Install” button in the lower right.
Using Debugging Tools for Windows
Debugging Toots for Windows, or WinDbg, is a bit more complicated that BlueScreenView, but it also gives you a lot more information. It’s a good alternative method of analysis for tricky errors.
1. Find WinDbg (x86) by typing “WinDbg (x86)” into Cortana. You can also find the program in “C:\Program Files (x86)\Windows Kits\10\Debuggers\x86.”
2. Right-click on the WinDbg icon and choose “Run as administrator.” This will allow Windbg to open minidump files from the Windows directory, which it normally can’t do.
3. Choose “Open Crash Dump…” from the File menu.
4. Navigate to the “Minidump” folder at “C:\Windows\Minidump.”
5. Open the folder and choose the file you want to open. It’s most likely the most recent file.
6. Wait for Windbg to analyze the file. You’ll know it’s done when “Debuggee not connected” disappears.
!analyze -v in the command prompt and press “Enter.”
8. Wait for the analysis to complete.
9. Scroll back up the analysis results until you find a line that says “MODULE_NAME.”
10. Click on the hyperlinked driver name. This will automatically run the command
lmvm on that driver, which reveals more information.
Fixing the Problem: Updating Drivers
Once you’ve identified the name of the driver causing the problem, update or reinstall the driver immediately. This process differs for every manufacturer, but if you Google the name of the driver and the manufacturer, you should be able to find updates on the manufacturer’s web page.
BlueScreenView is a solid application for quickly analyzing BSOD errors. If you have more advanced needs, WinDbg will give you even more information.