How to debug a Windows bluescreen crash (BSOD)

1 minute read

I use hibernate when I am done using my Windows Vista x64 machine for the day. Usually I would use sleep but for some reason my DFI motherboard doesn’t work with Vista’s sleep feature. Hibernate usually works fine, but maybe once or twice a month the computer will crash with a bluescreen when entering hibernation. Bluescreen errors are really annoying because Windows doesn’t give the user any useful information as to what is causing the error so it is really hard to fix it.

After some trial and error I’ve figured out how to gain some information on figuring out what is causing the bluescreen. The following steps show you how to determine which binary is causing the error. These steps should work on Windows XP, Vista, and Windows Server:

  1. Go here to download and install the 32 or 64 bit version of the Debugging Tools for Windows: http://www.microsoft.com/whdc/DevTools/Debugging/default.mspx.
  2. Wait until your computer bluescreens.
  3. Once the computer reboots open a cmd.exe window. On Vista you must use an elevated permissions window.
  4. Type this command at the prompt to allow debugging symbols to be found:  set _NT_SYMBOL_PATH=symsrv*symsrv.dll*f:\localsymbols*http://msdl.microsoft.com/download/symbols
  5. Go to the location that you installed the debugging tools and type “windbg.exe”.
  6. Select File –> Open Crash Dump.
  7. Select c:\Windows\MEMORY.DMP.
  8. Type in the windbg window:   !analyze -v
  9. Windbg will show you information about the crash. I look at IMAGE_NAME to determine what binary is causing the problem.

Usually I will see a binary that starts with “nv” which means nVidia. My graphics card drivers are usually the ones that are causing the problem. If you don’t recognize the binary then try searching for it online and you’ll probably be able to figure out what it is.

If you can figure out what it is then you can try installing a newer version of the program or driver to see if that helps.

Updated: