Improve company productivity with a Business Account.Sign Up


Step by step guide to troubleshooting Blue Screen crashes (Server 2003, XP)

Posted on 2009-05-14
Medium Priority
Last Modified: 2012-08-14
Hey guys, new to the site and it's my 1st question so please be patient!

I've run into the dreaded BSOD many times over the years. Usually it was after a driver change or was pretty obviously faulty hardware. However once and awhile I spend way too much time with trial and error troubleshooting when I know I should be looking at logs or dumps or those cryptic 00000000x44 type numbers that it displays.

My question to the Experts:

Can you please provide a Step by Step Guide to diagnosing and resolving BSOD crashes? I realize this is a bit vague. If the answer is OS specific I'm interested in Windows Server 2003 primarily but also XP Pro. I'm looking for something like:

Step 1 - make sure XYZ is turned on for future crashes
Step 2 - go to this folder to find the dump file and .....
Step 3 - start with the error codes. This block means it's a driver...
Step 3 - look at the 000000x44 numbers and plug them into website located at...

I know a lot of this information is a Google click or 3 away but for me, the benefit of this service is I really don't have time to chase down and compile the info myself (hence paying to have access to Experts with the knowledge in their heads).

I do have a specific crash in mind (Windows 2003 Server reboots itself once a week) and I can post more info about that but since I know BSODs will happen in my future I'd like to be armed with a clear procedure for resolving them.

If that procedure ends up being "post your log here and we'll have a look" that's Ok but I suspect there should be clues I can find myself if I know where/when/what to look at.
Question by:clarityclark
  • 2
  • 2
LVL 16

Assisted Solution

warturtle earned 400 total points
ID: 24383708
As a first thing, you can look into the Windows 2003 Server and Win XP Pro event logs. You can access them by: start->run->eventvwr

That will contain messages with an error code which will give you more information about the error.

Another question on EE might also help:

I am also going to suggest an online scan with Kaspersky Online Scanner based at: for both the server and the winxp machine.

Hope it helps.
LVL 27

Assisted Solution

Jonvee earned 600 total points
ID: 24384702

You are very welcome to read and use these comments for XP crash dump analysis ... they are a sample of those i compiled, to help others like yourself > 

There should be a dump of the state of your system at the time it crashed.
The dumps are normally located in c:\windows\minidump\    
or  %systemroot%\minidump\

You may need to disable auto restart:
Right click My Computer > Properties > Advanced > Startup and Recovery Settings and uncheck Automatically Restart.

If you cannot reach Windows, you can turn off the 'Automatic reboot on error' option by selecting the Advanced Options Menu at bootup.  Keep press/releasing the F8 function key and you'll reach a menu where you can select the option "Disable Automatic restart on system failure".

If you see no minidump>
Enable Minidump's in Windows XP:

"How to read the small memory dump files that Windows creates for debugging":

The !analyze -v command will probably be your most used command.

You can download windbg from this microsoft website.

A good article here>
"Windows system crashes":
Please note the comments on page 2 "Getting the debugger".

Basic but good>
Debugging Tools and Symbols: Getting Started:


Author Comment

ID: 24440592
Thanks for the replies!  I was looking for more of a step by step answer but It sounds like what you are both saying is:

1. Make sure memory dumps are turned on
2. Check Event Log
3. Analyze the dump files
4. (this one I'm adding myself) Scan for bad memory

What if the dump files don't help? I've read that 50% of the time it just points to Windows components that aren't really the problem (some 3rd party code is asking the Windows code to do something invalid).

Then what? Is there a place that will tell me what the BSOD codes mean? For example 0000000x44 means a Stop code which typically means..... etc. etc. ??

5. Is my final step to call Microsoft? Is that a useful, worthwhile solution? Will they analyze BSOD messages and give detailed information? What cost is typically associated with this?

Building the above step by step process is really what I'm after here.
LVL 16

Assisted Solution

warturtle earned 400 total points
ID: 24440902
BSOD's can be caused by either hardware problems (like RAM, video card, etc) or software conflict or because of a virus (some viruses can register themselves as device drivers) and the BSOD logs/dumps might give an indication of what the problem can be.

Sometimes, it can be that due to a virus, some legitimate Windows OS driver cannot function properly and will crash the computer. The dump will normally point to the offending file and that is what we can use to analyse the problem.

Experts at EE are able to help you with analysis of the BSOD dumps and you can post a question in the appropriate categories to be helped by experts. All you need to make sure is that you can generate these dumps for analysis. I normally open these dumps in GVIM (its my favorite editor) and convert them to Hex-code which seperates the numbers and the text and it allows me to browse through the dumps without going through much binary stuff.

I have never contacted Microsoft for an analysis, so cannot comment on it.

Hope it helps.
LVL 27

Accepted Solution

Jonvee earned 600 total points
ID: 24441630
>What if the dump files don't help? I've read that 50% of the time it just points to Windows components that aren't really the problem <

You are absolutely correct, but for the 'right 50%' WinDbg is an excellent piece of software!

There is absolutely no need to call MS at this stage, usually between us all we'll find a solution.

If you wish to study my earlier links you'll find the guidelines that some of us use to analyse a Stop dump, it's normally quite straightforward as described in the "Windows system crashes" link above.

Bad RAM, as you intimate, is quite often the cause & would hopefully be diagnosed by WinDbg.  Most popular RAM Tester>
memtest86+  v2.11 :
This article shows you what the BSOD codes mean >>


Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

A quick step-by-step overview of installing and configuring Carbonite Server Backup.
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
If you are looking for an automated solution for backup single or multiple Office 365 user mailboxes to Outlook data file, then you can use Kernel Office 365 Backup & Restore tool. Go through the video to check out the steps to backup single or mult…

595 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question