When Windows 2000, XP or Vista crashes to the infamous Blue Screen of Death, or BSOD, it attempts to write what is called a Crash Dump to the Hard Drive. This Crash Dump is a 64kb file that contains information about the crash, and, if it was caused by a driver, it will record what driver caused the issue. Most blue screens are caused by poorly written drivers, and thanks to the crash dump, the exact problem can be determined easily in many cases.

When most Windows PCs crash, they will automatically reboot. If your computer is running along without any issue and randomly reboots, chances are it is giving you a BSOD and restarting before you can even see it. Other times, a computer will crash and then show you the blue screen. All this means is that the system is set to not automatically reboot after system failure.

Analyzing the crash dumps is very easy to do. You will simply need a free tool from Microsoft called WinDbg, which is included in the Debugging Tools for Windows package. The steps to analyze your computer’s crash dump files are below:

1. The first step in analyzing a crash dump, called a Minidump by Windows, is to verify that the system did in fact create the file. Navigate to C:\Windows\Minidump\ and verify that files do exist in that folder. If they do not, then your system is not creating the dump file. Most likely this is due to a hardware failure, not a driver or software issue.

2. As long as the files do exist, download the Debugging Tools for Windows package directly from Microsoft. If you are running Windows 2000, XP or Vista 32-bit, download the 32-bit version. If you are running Windows XP Pro x64 or Windows Vista x64, download the 64-bit version. The symbols package is not a necessary download, as we are just trying to figure out what file is causing the blue screen in a driver/software related crash.

3. Open up WinDbg. On Windows Vista with User Account Control (UAC) enabled, be sure to right click and Open as Administrator. Otherwise, he Minidump folder will not be accessable. Once in the program, choose the File Menu, and click on Open Crash Dump. In the following screen, navigate to C:\Windows\Minidump and open the most recent Minidump file in there.

4. At this point, WinDbg will analyze the crash and tell you what file caused the crash. In the example below, iAstor.sys, the driver for my Intel Matrix Storage caused the blue screen on my computer. Updating that driver to a newer version fixed the problem and the PC has now been stable for many weeks.

Below are some common drivers that cause blue screens and their associated hardware. If any of the below files are causing the blue screen, update the driver. If the problem persists, contact the manufacturer or seek help on an Internet forum.

Filename	Associated Hardware
iaStor.sys	Intel Matrix Storage Driver
nv4_disp.dll	nVidia Display Driver
ati2dvag.dll	ATI Display Driver
w22n51.sys	Intel 2200BG WiFi Driver. Old versions often caused blue screens.
ntoskrnl.exe	Generic Microsoft BSOD. Most likely a hardware issue.