Most Blue Screens are caused by drivers or other kernel mode software attempting to access protected memory. The tools for analyzing the crash dump created during a Blue Screen are not very friendly. Follow these steps to determine the cause of the Blue Screen.
- Download WinDbg.
Firstly down load the Standalone Debugging Tools for Windows (WinDbg) from:
https://msdn.microsoft.com/en-us/windows/hardware/hh852365.aspx - Install WinDbg
Run the installer
Select Install the Windows Software Development Kit for Windows to this computer.
Accept the CEIP and License agreement.
Select Debugging Tools for Windows.
- Configure WinDbg
Run WinDbg
Click File
Click Symbol File Path
Add the following line
srv*c:\mss*http://msdl.microsoft.com/download/symbols - Analyse Crash Dump
Click File
Click Open Crash Dump
Locate your Crash Dump. These are found at:
C:\Windows\Minidump
In the command bar at the bottom type:
!analyze -v
Press Enter. - Understanding the results
Under the second Bugcheck Analysis will be the action that triggered the Blue Screen. More often than you not you will have to google this issue looking for driver updates or Microsoft hotfixes. In the below example the clues to search for are the following:
BugCheck 50
Probably caused by : win32k.sys
PAGE_FAULT_IN_NONPAGED_AREA
This led to the following Microsoft hotfix which resolved the issue:
https://support.microsoft.com/en-us/kb/2781406
ref: http://blog.buktenica.com/beginners-guide-to-analysing-a-blue-screen/
https://support.microsoft.com/en-us/kb/2781406
ref: http://blog.buktenica.com/beginners-guide-to-analysing-a-blue-screen/
