95% of the time the OS is not a fault for a STOP error but a poorly written device driver. So don't blame Microsoft!

What happens when there is a STOP error?

When Vista encounters a STOP it will flash the common blue screen, dump the physical memory to the hard drive and restart. Now in past Windows Operating Systems you would need to change a system setting in order to stop the system from restarting in order to read the actual STOP error code on the blue screen. This can still be done under: Right Click My Computer > Properties > Advanced Properties (Left Pane) > Startup and Recovery Settings > uncheck the auto restart box. Most of the time this will not be necessary as the next time you log on after a blue screen restart Vista will prompt you with a little window describing the STOP error code and where the dump file can be found.

STOP Error options Windows:

NOTE: It is generally better to have a small memory dump then a kernel dump as more info is at hand for the debugger.

Windows Error Solution Window:



Locating the memory dump file

Looking at the photo above, the first file location listed will appear similiar to:

C:\Windows\Minidump\MiniXXXXXX.dmp (XXX is a random identifier)

This is the location in which we will use later when using Window Debugger to search for the driver which caused this STOP error or "Blue Screen".



Using Windows Debugging Tools

To begin you must download the free tools from Microsoft here: (If you are unsure which version of Windows you have x86 or x64, most likely you have x86)

x86 Download:

http://www.microsoft.com/whdc/devtools/debugging/installx86.mspx

x64 Download:

http://www.microsoft.com/whdc/devtools/debugging/install64bit.mspx



Download and start the Installation

Upon the completion of installation go to your start menu and locate "Debuggin Tools for Windows" and click on WinDBg.

Once loaded, click File > Symbol File Path and enter (without quotes) "SRV*DownstreamStore*http://msdl.microsoft.com/download/symbols"

Opening the Memory Dump:

Now Click File > Open Crash Dump and navigate to the location of the file we found earlier, and hit OK. You will be prompted to save workspace, and hit yes.

Now wait 10 seconds or so depending on how fast your PC is for the application to load up the memory dump. Don't be alarmed if you see messages at the end such as:

*** WARNING: Unable to verify timestamp for vmm.sys
*** ERROR: Module load completed but symbols could not be loaded for vmm.sys

This just means that the symbols file we loaded earlier could not locate information for this particular driver, most likely because it is 3rd party and not supported. This shouldn't be of any concern.

Begin the analyzing the memory dump!

This part is quite simple located the line which reads:

Use !analyze -v to get detailed debugging information.


Click the hyperlinked "!analyze -v" and it will begin to locate the source driver of the STOP error. You can also type this syntax into the textbox at the bottom of the screen.

Locate the PROCESS_NAME line for a listing of the process in which was involved in the STOP and scroll down to fine the IMAGE_NAME which will display the underlying driver at fault.

In my Case Virtual PC.exe was the process and the driver Vmm.sys. This in turn seemed to be quite accurate as I was using Virtual Pc at the time of crash.

Other Commands(Type into textbox at bottom of debugger:

• The !analyze -show command displays the Stop error code and its parameters. The Stop error code is also known as the bug check code.

• The !analyze -v command displays verbose output.

• The lm N T command lists the specified loaded modules. The output includes the status and the path of the module.
  

So I know the problem driver/process...Now What!?

You could issue the command lmv m drivername and it will give you info on that particular driver such as its location, its date (which can be helpful in determining if it’s an old driver that needs updating). Since you now know the driver name you can google and check the manufacturers site for an updated driver which Should fix the problem.

So Is that it...Am I Done?..Beware:

Using WinDBg is not an instant fix, it is not always correct and sometimes will not find a solution. If this is the case I suggest you run a memory test on your computer to make sure your memory is running correctly and not the source of the problem (Bad memory is a common cause for Blue Screens). Type "Memory" into your start menu and click the only option, this is the built in windows memory test which works very well for ruling out memory problems.

AMD64 X2 5200+ 2.60GHz | 3GB DDR 667 | RAID 0 SATA3.0 WD Caviars 320GB total | Foxconn MCP61VM2MA-RS2H Geforce 6100 nforce400 chipset | Vista Ultimate x86

I just bought a new Gatway computer for my wife and it came with Windows Vista with SP1. I had already found out how to stop the auto restart after a system failure, so I could read the BSOD information. I also found out how to run the Widows memory test, which the system passed. I've not tried the debug tool yet, But! I thought that maybe now that I have the blue screen message that somebody could give me some idea of what the problem is. I also thought that having one of these messages actually posted on the net that it would help people to see just what the message is about. It almost always pops up shortly after reboot. I'm thinking it may have something to do with my Avast virus program??? HELP!

Below is the BSOD message that keeps coming up

My Windows Vista Blue Screen Error Message.

A problem has been detected and windows has been shut down to prevent damage to your computer.

Bad_Pool_Caller

if this is the first time you’ve seen this error screen, restart your computer, if this screen appears again, follow these steps:

check to make sure any hardware or soft is properly installed.
If this is a new installation, ask your hardware or software manufacturer for any windows updates you might need.

if the problem continues, disable or remove any newly installed hardware or software. disable BIOS memory options such as caching or shadowing. If you need to use safe mode to remove or disable components, restart your computer, press F8 to select advanced startup options, and then select safe mode.

technical information

***stop: 0x000000c2  (0x00000099, 0x0065006c, 0x00000000, 0x00000000)

collecting data for crash dump…
initializing disk for crash dump…
beginning dump of physical memory.
dumping physical memory to dick: 100
physical memory dump complete.

 contact your system admin or technical support group for further assistance.

_____________________________________________________________________

The next reboot I got the same message but with a little different technical information, see
below.

Instead of a “bad_pool_caller” I got,
Page_fault_in_nonpaged_area

Then in the technical information area instead of,
***stop: 0x000000c2  (0x00000099, 0x0065006c, 0x00000000, 0x00000000)

I got this,
***stop: 0x00000050 (0x92604000, 0x00000000, 0x81cf4773, 0x00000000)