How to Read Blue Screen of Death Minidump Files

By James Lee Phillips

Updated September 28, 2017

Deciphering Blue Screen of Death error messages can be challenging.
i Images

The Blue Screen of Death and the accompanying error message that "A problem has been detected..." is a dreaded occurrence for Microsoft Windows users, especially since the information given in the message rarely seems helpful. Even computer-savvy people require tools to decipher the error codes and hexadecimal addresses. Fortunately, tools are available that will help you to decipher these minidump files and hopefully identify the underlying cause of the Blue Screen of Death error.

Verify That Minidumps Are Enabled

Click the "Start" menu and type "sysdm.cpl" (without the quotes) in the search box. Alternately, navigate to "Control Panel | System and Security | System | Advanced System Settings."

Click on the "Advanced" tab.

Click the "Settings..." button under Startup and Recovery.

Click on the drop-down box under "Write Debugging Information."

Select "Small memory dump (256 kB)." Your listing may have a different kB value.

Verify that the Small Dump Directory is "%systemroot%\Minidump".

Click "OK" and reboot if you've made changes.

Viewing Minidump Files

Download and install Debugging Tools for Windows (link in Resources).

Download the appropriate symbol package (link in Resources), which includes a set of OS-specific files that work with the debugger. Make a note of the download folder location.

Click "Start | All Programs | Debugging Tools for Windows."

Click "WinDbg" to open the Windows debugger program.

Click "File," "Symbol File Path" and enter the downloaded location.

Click "File" and select "Open Crash Dump."

Navigate to "C:\Windows\Minidump" and select the most recent minidump file.

Type "!analyze -v" (without quotes) in the input box near the bottom of the debugger.

View the results. The "MODULE_NAME" and "IMAGE_NAME" headings should indicate which application or driver caused the Blue Screen of Death error.


The symbol package is specific to the version of the OS installed on the PC that is having the BSOD issues. Therefore, if you're using a Windows 7 PC to debug a PC that is running Vista or XP, use that OS symbol package instead.

If you are having difficulty getting useful information from the Microsoft tools, third-party apps such as Blue Screen View (link in Resources) may make the process more user-friendly.