P Patrick Moderator, BSOD Academy Instructor Staff member Joined Jun 7, 2012 Posts 4,604 Jul 28, 2012 #1 So I've been analyzing BSOD's for a fair bit of time now, I've solved hundreds and hundreds of cases, and I can do a fair bit of complicated things, etc... but I am having trouble understanding something so simple, so I feel a bit silly and embarrassed :r1: However, we're all here to learn... and without questions, there would be no answers! I was always under the assumption that when the "probably caused by" is a signed Microsoft driver, or just an incorrect fault, like ntoskrnl.exe, it's because Windows just has no idea what driver may have caused the crash, or if a driver was even the cause in the first place, so it shoots an incorrect fault. Okay, if that is the case, how exactly does it go by shooting that incorrect fault? We all know that whatever causes a blue screen occurs before Windows actually recognizes it. So, if something causes a blue screen... and Windows doesn't find out in time, and the culprit is gone.. does it randomly go "okay, ntoskrnl.exe... I saw you first, I don't like you, you did it!", and that's it? Basically, I'm just trying to wrap my mind around how Windows comes to shooting an incorrect fault, why if a driver is the issue, Windows cannot always catch it in the act, etc.