Home » Hacking Oprating Systems

BlueScreenView Determines Which Driver Caused Blue Screen on Windows

24 April 2008 No Comment

A lot of times a blue screen happens very quickly which you can’t even see what are the error messages and your computer got restarted. The annoying part of using WhoCrashed is you need to have Microsoft Debugging Tools installed or else it cannot analyze the mdmp files.

windows blue screen crash

Nir Sofer, a very experienced developer that released many useful utilities for Windows has came up with a new tool called BlueScreenView. Basically it is a new utility that allows you to watch the details of all ‘Blue Screen of Death’ crashes that occurred in your system.

BlueScreenView scans all your minidump files created during ‘blue screen of death’ crashes, and displays the information about all crashes in one table. For each crash, BlueScreenView displays the minidump filename, the date/time of the crash, the basic crash information displayed in the blue screen (Bug Check Code and 4 parameters), and the details of the driver or module that possibly caused the crash (filename, product name, file description, and file version).

blue screen viewer

For each crash displayed in the upper pane, you can view the details of the device drivers loaded during the crash in the lower pane. BlueScreenView also mark the drivers that their addresses found in the crash stack, so you can easily locate the suspected drivers that possibly caused the crash. For the fun of it, you can even view a demo of the crash by going to Options > Lower Pane Mode > and select Blue Screen in XP Style.

What I like about BlueScreenView is it doesn’t require any installation and the executable can run straight from a USB flash drive. Oh and you don’t even need Microsoft Debugging Tools installed to use this tool. From my experience, most of blue screen crashes are either caused by bad/conflicting drivers or a faulty hardware. An example is some software such as keylogger requires installing badly coded drivers and it can cause blue screen. If you have a bad RAM, you can also get blue screen and random lock ups.

BlueScreenView works with Windows XP, Windows Server 2003, Windows Server 2008, Windows Vista, and Windows 7, as long as Windows is configured to save minidump files during BSOD crashes. Currently, BlueScreenView can only read minidump files of 32-bit systems, but it cannot read the dump files created by x64 systems. It’s possible that x64 support will be added in future versions.

Download BlueScreenView

Leave your response!

Add your comment below, or trackback from your own site. You can also subscribe to these comments via RSS.

Be nice. Keep it clean. Stay on topic. No spam.

You can use these tags:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

This is a Gravatar-enabled weblog. To get your own globally-recognized-avatar, please register at Gravatar.