You are currently offline, waiting for your internet to reconnect

Troubleshoot "blue screen" or Stop error problems before you contact Microsoft Support

This article contains troubleshooting information to help you resolve Stop error messages (these error messages are displayed on a blue screen).
Things to Try

Before you call Microsoft Support

Try the following methods to troubleshoot Stop error messages:
  • Review the "bugcheck" code that you find in the event logs. Search for the specific Stop error codes to see whether there are any known issues, resolutions, or workarounds for the problem.
  • Does the error message indicate any specific driver in regards to the problem? If so, update the driver in question.
  • Take a detailed look at the event logs on the system. Are you seeing any indication of a service starting or stopping before the crash occurred? Is this service behavior consistent across all instances of the crash? If so, you can contact the software vendor for the service to receive updated versions of the software to check whether this resolves the problem.
  • Try to identify whether you have made any software or hardware change or modification. You may want to consider the option to roll back the changes or use the change management to follow standard practices to revert to the last working state. Additionally, you may want to contact the software or hardware vendor for more help.
  • As a best practice, we recommend that you make sure that the BIOS is updated and that hardware and memory tests are performed.
  • Are you observing behavior that is related to the crashes, and do you believe that you can trigger the crash? Did you reach out to the software vendor for any updated version of the software or drivers that may be triggering the crash?
  • Make sure that you save the memory dump files for review. These dump files have been validated by using DumpChk and are not corrupted or invalid. You can verify the memory dump by using the Microsoft DumpChk (Crash Dump File Checker) tool. For more information, go to the following Knowledge Base article:

  • Make sure that you install the latest Windows updates, cumulative updates, and rollup updates.
  • Upload the memory dumps that you have verified by using the DmpChk memory dump collector. This diagnostic tool collects the last five machine mini-dump files from the past 30 days. It collects machine memory dump files from a computer and checks for known solutions.

    For more information about Machine Memory Dump Collector, go to the following Knowledge Base article:


Common Windows Stop errors

This bug check indicates that the Intel CPU generated a trap and the kernel failed to catch this trap. This trap could be a bound trap (a trap the kernel is not permitted to catch) or a double fault (a fault that occurred while processing an earlier fault, which always results in a system failure).

This error has been linked to excessive paged pool usage and may occur due to user-mode graphics drivers crossing over and passing bad data to the kernel code.

The Windows kernel detected an illegal or unknown processor instruction, often the result of invalid memory and access violations caused by faulty drivers or hardware devices. The error message often identifies the offending driver or device. If the error occurred immediately after installing a driver or service, try disabling or removing the new addition.

A driver tried to access an address that is pageable (or that is completely invalid) while the IRQL was too high. This bug check is usually caused by drivers that have used improper addresses.

This stop error occurs after the installation of faulty hardware or in the event of failure of installed hardware (usually related to defective RAM, be it main memory, L2 RAM cache, or video RAM). Another common cause is the installation of a faulty system service. Antivirus software can also trigger this error, as can a corrupted NTFS volume.

A problem occurred within the NTFS file-system driver. A similar Stop error, 0x23, exists for FAT32 drives. The most likely cause is a hardware failure in a disk or disk controller. Check all physical connections to all hard disks in the system and run Check Disk.

This stop error occurs when Windows has trouble reading from the hard disk. This error can be caused by a faulty device driver. You may also try running your antivirus. This bugcheck does not create a dump file.

This bug check indicates that the driver is in an inconsistent or invalid power state.

This bug check is issued if paged memory (or invalid memory) is accessed when the IRQL is too high. The error that generates this bug check usually occurs after the installation of a faulty device driver, system service, or BIOS.
More information
When you receive a Stop error message (a fatal system error message) in Windows, the computer enters debug mode for troubleshooting. The error message appears on a blue screen, and the first few lines are similar to the following sample error message.

Windows 7 and earlier versions

Windows 8 and later versions

What is a bugcheck or system crash?

When Windows cannot continue its operations safely, the system stops all operations to ensure safety to data/prevent corruptions. This system freeze is caused by a kernel mode component (driver) calling either of the functions KeBugCheck(...) or KeBugCheckEx(...). This causes what is commonly called the "Blue Screen of Death (BSOD)," a "bugcheck," or a system crash.

System Crash Dumps

When the system crashes, the memory contents at the time of the crash are written to a file on the hard disk. This file is called a crash dump. The page file or dedicated dump file is used to write a crash dump file (memory.dmp). To get useful information from the dump file and to prevent it from being corrupted or incomplete, the page file or the dedicated dump file must be large enough to handle the kind of crash dump that is selected. Make sure that the page file is configured appropriately so that the memory dump can be saved correctly.

For more information about how to understand bugchecks and crash dumps, see the following Performance Team Blog articles:

How to obtain a tool to automate the registry keys and paging files

  1. Download DumpConfigurator.hta from the following Microsoft website:

  2. Click Download, and then click I Agree after you read the Microsoft Software License Terms.
  3. Save the file, and then extract the DumpConfigurator.hta tool.
  4. Click DumpConfigurator.hta, and then click Auto Config Complete.

For recommended Pagefile settings for different crash dump type, go to the following Knowledge Base article:

To make sure that the system is configured for a good memory dump, go to the following Knowledge Base article:

Obtaining blue screen information after a memory dump file is created:

A Windows-based operating system writes an event log message that includes bugcheck information. The following is an example of the event log entry:

Event ID: 1001
Source: BugCheck
Description: The computer has rebooted from a bugcheck. The bugcheck was: 0xc00000E2 (0xffffffffffffffff, 0x0000000000000001, 0x0000000000000000, 0x0000000000000000). A dump was saved in: C:\WINDOWS\MEMORY.DMP.


Article ID: 3106831 - Last Review: 10/22/2015 00:02:00 - Revision: 1.0

  • Windows Server 2012 R2 Datacenter
  • Windows Server 2012 R2 Essentials
  • Windows Server 2012 R2 Foundation
  • Windows Server 2012 R2 Standard
  • Microsoft Hyper-V Server 2012 R2
  • Windows Server 2012 Datacenter
  • Windows Server 2012 Essentials
  • Windows Server 2012 Foundation
  • Windows Server 2012 Standard
  • Microsoft Hyper-V Server 2012
  • Windows 10 Enterprise, released in July 2015
  • Windows 10 Enterprise 2015 LTSB
  • Windows 10 Pro, released in July 2015
  • Windows 10 Education, released in July 2015
  • Windows 10 IoT Enterprise 2015 LTSB
  • Windows 8.1 Enterprise
  • Windows 8.1 Pro
  • Windows 8 Enterprise
  • Windows 8 Pro
  • Windows Server 2008 R2 Service Pack 1
  • Windows 7 Service Pack 1
  • KB3106831