Crashes Information Columns (Upper Pane)

Dump File: The MiniDump filename that stores the crash data.
Crash Time: The created time of the MiniDump filename, which also matches
to the date/time that the crash occurred.
Bug Check String: The crash error string. This error string is determined
according to the Bug Check Code, and it's also displayed in the blue screen
window of Windows.
Bug Check Code: The bug check code, as displayed in the blue screen
window.
Parameter 1/2/3/4: The 4 crash parameters that are also displayed in the blue
screen of death.
Caused By Driver: The driver that probably caused this crash.
BlueScreenView tries to locate the right driver or module that caused the blue
screen by looking inside the crash stack. However, be aware that the driver
detection mechanism is not 100% accurate, and you should also look in the
lower pane, that display all drivers/modules found in the stack. These
drivers/modules are marked in pink color.
Caused By Address: Similar to 'Caused By Driver' column, but also display
the relative address of the crash.
File Description: The file description of the driver that probably caused this
crash. This information is loaded from the version resource of the driver.
Product Name: The product name of the driver that probably caused this
crash. This information is loaded from the version resource of the driver.
Company: The company name of the driver that probably caused this crash.
This information is loaded from the version resource of the driver.
File Version: The file version of the driver that probably caused this crash.
This information is loaded from the version resource of the driver.

 Crash Address:The memory address that the crash occurred. (The address in
the EIP/RIP processor register) In some crashes, this value might be identical to
'Caused By Address' value, while in others, the crash address is different from
the driver that caused the crash.
Stack Address 1 - 3: The last 3 addresses found in the call stack. Be aware that
in some crashes, these values will be empty. Also, the stack addresses list is
currently not supported for 64-bit crashes.
Drivers Information Columns (Lower Pane)

Filename: The driver/module filename

Address In Stack: The memory address of this driver that was found in the
stack.
From Address: First memory address of this driver.
To Address: Last memory address of this driver.
Size: Driver size in memory.
Time Stamp: Time stamp of this driver.
Time String: Time stamp of this driver, displayed in date/time format.
Product Name: Product name of this driver, loaded from the version resource
of the driver.
File Description: File description of this driver, loaded from the version
resource of the driver.
File Version: File version of this driver, loaded from the version resource of
the driver.
Company: Company name of this driver, loaded from the version resource of
the driver.
Full Path: Full path of the driver filename.
Lower Pane Modes

Currently, the lower pane has 4 different display modes. You can change the display
mode of the lower pane from Options->Lower Pane Mode menu.
1. All Drivers: Displays all the drivers that were loaded during the crash that you
selected in the upper pane. The drivers/module that their memory addresses
found in the stack, are marked in pink color.
2. Only Drivers Found In Stack: Displays only the modules/drivers that their
memory addresses found in the stack of the crash. There is very high chance
that one of the drivers in this list is the one that caused the crash.
3. Blue Screen in XP Style: Displays a blue screen that looks very similar to the
one that Windows displayed during the crash.
4. DumpChk Output: Displays the output of Microsoft DumpChk utility. This
mode only works when Microsoft DumpChk is installed on your computer and
BlueScreenView is configured to run it from the right folder (In the Advanced
Options window).
You can get DumpChk from the installation CD/DVD of Windows or with the
installtion of Debugging Tools for Windows.
Crashes of Remote Network Computer

If you have multiple computers on your network and you have full administrator
access to them (e.g: you have access to \\ComputerName\c$), you can also view the
crashes of the other computers on your network remotely. In order to do that, simply
go to 'Advanced Options' (Ctrl+O) and type the MiniDump folder of the remote
computer, for example: \\MyComp\c$\Windows\MiniDump.
Notice: If you fail to get full administrator access to the remote computer, you should
read the instructions in the following Blog post: How to connect a remote Windows
7/Vista/XP computer with NirSoft utilities.
Watching the crashes of multiple computers on your network

If you have a network with multiple computers, and you have full admin access to
these computers, you can view the blue screens list of all these computers in one table,
and easily detect computers with recurring BSOD problems.
In order to use this feature, prepare a list of all computer names/IP addresses that you
want to inspect, and save it to a simple text file. The computer names in the list can be

delimited by comma, semicolon, tab character, or Enter (CRLF).

Example for computer names list:
comp01
comp02
192.168.0.1
192.168.0.2
192.168.0.4

After you have a text file contains the computers list, you can go to Advanced Options
window (Ctrl+O), choose the second option and type the computers list filename.
Command-Line Options

/LoadFrom <Source>

Specifies the source to load from.

1 -> Load from a single MiniDump folder (/MiniDumpFolder
parameter)
2 -> Load from all computers specified in the computer list file.
(/ComputersFile parameter)
3 -> Load from a single MiniDump file (/SingleDumpFile
parameter)

/MiniDumpFolder <Folder>

Start BlueScreenView with the specified MiniDump folder.

/SingleDumpFile
<Filename>

Start BlueScreenView with the specified MiniDump file. (For

using with /LoadFrom 3)

/ComputersFile <Filename>

Specifies the computers list filename. (When LoadFrom = 2)

/LowerPaneMode <1 - 3>

Start BlueScreenView with the specified mode. 1 = All Drivers,

2 = Only Drivers Found In Stack, 3 = Blue Screen in XP Style.

/stext <Filename>

Save the list of blue screen crashes into a regular text file.

/stab <Filename>

Save the list of blue screen crashes into a tab-delimited text file.

/scomma <Filename>

Save the list of blue screen crashes into a comma-delimited text

file (csv).

/stabular <Filename>

Save the list of blue screen crashes into a tabular text file.

/shtml <Filename>

Save the list of blue screen crashes into HTML file

(Horizontal).

/sverhtml <Filename>

Save the list of blue screen crashes into HTML file (Vertical).

/sxml <Filename>

Save the list of blue screen crashes into XML file.

/sort <column>

This command-line option can be used with other save options

for sorting by the desired column. If you don't specify this

option, the list is sorted according to the last sort that you made
from the user interface. The <column> parameter can specify
the column index (0 for the first column, 1 for the second
column, and so on) or the name of the column, like "Bug Check
Code" and "Crash Time". You can specify the '~' prefix
character (e.g: "~Crash Time") if you want to sort in
descending order. You can put multiple /sort in the commandline if you want to sort by multiple columns.
Examples:
BlueScreenView.exe /shtml "f:\temp\crashes.html" /sort 2 /sort
~1
BlueScreenView.exe /shtml "f:\temp\crashes.html" /sort "Bug
Check String" /sort "~Crash Time"

/nosort

When you specify this command-line option, the list will be

saved without any sorting.