BSoDs can be a good thing — really!

Topic

New Reply

On Security By Susan Bradley If your system crashes with an infamous blue screen of death, consider it a cry for help! BSoDs have always been an ugly
[See the full post at: BSoDs can be a good thing — really!]

2 users thanked author for this post.

abbodi86, woody

Reply | Quote

Replies

Yesterday, May 10 at about 7 pm I got a BSOD. I had installed the April 14 Patch Tuesday patch the day before at 5:45 PM. And after that, I did a sfc /scannow. It came back with a report that Windows Resource Protection had found corrupt files and successfully repaired them. I checked the log file, where it reported that 13 system folders had been “owned twice or had its security set twice.”

When the BSOD appeared, the machine had been sitting idle for maybe 10 minutes. I didn’t recognize it as a BSOD, because as you say, it was much friendlier with a request to restart. I wasn’t sure that it was legitimate, so I pressed the power button until the machine turned off. Then, I restarted it and a screen came up with a square to click on for “Recovery”. Everything came back to normal after that. But, I shutdown and powered up to see if things would start up as usual. They did. Later, I shut down with a restart and things started back up as usual. Then, I shut the machine down for the night.

Now this morning, the machine powered up and things seems to be as usual. Can I assume that things are OK now? Or should I expect to see this BSOD again?

Reply | Quote

Without knowing what caused the problem we can’t say.
Have you run NirSoft’s BlueScreenView to see what went awry?

cheers, Paul

Reply | Quote

What is BsoDs

Reply | Quote

BSoD stands for “Blue Screen of Death” – when a computer crashes with a blue (sometimes green or black) screen.

Reply | Quote

Good article Susan, thanks for posting it.  I have a recurring BSOD (DXGKRNL).  Tried everything I know to fix it and it still pops up once in a while.  I even tried removing the drivers and re-installing, but it still occurs.   After reading your column, I downloaded BlueScreenview – it didn’t find anything.  Not really a problem, but a pain sometimes.  I will be researching further.  Any comments would be much appreciated.

Cheers,

Al

Reply | Quote

Yes,

had the same thing many years ago on a Win10 update (~5yrs ago).
BSOD after running for a few minutes.

Did everything I could, updated everything in sight if I could get the machine stable enough to do that.

After 2 days I gave up and moved the system into Test mode, there is something about my PC that Win10 doesn’t like.

Since then I have updated from build 17xx to 1909 and never had a BSOD, but if I switch back out of test mode I can almost guarantee a crash

Weird
Greg

Reply | Quote

The problem with third party tools like BlueScreenView (and WhoCrashed) is that they are very often wrong about the cause of the crashes and implicate core Windows system files as the cause of the Crash (their Caused by Driver field) like ntoskrnl.exe, hal.dll, ntdll.dll, etc. when those files are never really the cause of the crashes.

Even NirSoft offers a disclaimer:

BlueScreenView tries to locate the right driver or module that caused the blue screen by looking inside the crash stack. However, be aware that the driver detection mechanism is not 100% accurate…

BSV is sometimes right, but usually wrong about the cause of the crash and folks can waste considerable time figuring out how to replace their ntoskrnl.exe or other core Windows system files when they are not the cause at all.

If those core Windows files the BSV likes to report as the cause of the crash were afflicted and responsible for crashes then millions of systems all over the work would be crashing with BSoDs – and they’re not.

I do like the BSV feature that lets you view the crash dump in what they call XP Style so you can actually see what the user is seeing and also why they are on a wild goose chase trying to replace or fix files that don’t need replacing or fixing.

When I get crash dumps to analyze for folks I still look at them with BSV just to see what is has to say – once in a while it is right but usually it is wrong.

To find out the real cause of the crash use the Windows debugging tools and you can usually zero in on the real problem.  Sometimes it helps to have several crash dumps to look for a pattern of failure and sometimes the debugger will report an indeterminate cause which means you need some more examples.

The debugging tools take a little practice, there are many tutorials you can find with a Google search and you will not waste time on wild goose chase ideas when finding the real cause of the crash.

Reply | Quote