Find the cause of a Vista blue screen
Friday, May 16th, 2008 by SteveI finally managed to get to the bottom of my vista blue screen problem, so I thought I’d share how I determined which driver was causing the problems.
Vista keeps a log of application and kernel crashes in Control Panel -> Problems Reports and Solutions -> View problem history:
Double clicking on the latest Windows “shut down unexpectedly” shows the blue screen details. These don’t give much useful information, for example which driver was responsible:
Clicking on “View a temporary copy of these files” opens an explorer window with the crash dump file, which you can copy to your own directory.
To analyse the crash dump you’ll need to install the Microsoft Windows Debugging Tools (17MB msi). This adds a whole set of command line tools under “C:\Program Files\Debugging Tools for Windows (x86)”. Use the dumpchk.exe tool to analyse the crash file:
And there’s the culprit: “Probably caused by: eacfilt.sys”. This is the driver used by Nortel’s Contivity VPN client. I’m using the “vista friendly” version, which worked fine before I applied Vista SP1, but I guess SP1 broke its driver. The solution to all my problems? Uninstall it!
Hurrah! My T61’s suspend and hibernate work again!