I should update this post a little bit to allow for an easier way to understand what we are trying to accomplish here. I have referenced it from time to time and believe that it may be a little confusing as to what to do in order to figure out what is wrong.
Nirsoft makes a neat little program that allows you to easily open dump files that are created when your system crashes. The link is near the bottom of the page linked in the previous post.
http://www.nirsoft.net/utils/blue_screen_view.html
The download is a zip file that you will need to extract. XP has a built in extractor for zip files, so it is as easy as right clicking and choosing extract. I extract all the files to the desktop so they are automatically in a neat folder and can be moved anywhere. I move this folder to my Start Menu Programs list so it is out of the way and easy to get to.
The awesome thing about this little tool is that it automatically opens up the C:\Windows\Minidump folder where dump files are, by default, stored. Once the software is open, choose the dump file that relates to your crash. This is typically indicated by the date listed under the Crash Time colum. Select that file and look in the lower pane. The files highlighted in red are the offending files.
However, this is only part of the issue. The lower pane shows that the HAL.dll and the ntoskrnl.exe failed. What this means is that the central core of the machine found an issue, and shut down. The numbers in the Address In Stack list show the memory address of the information that caused the issue. If we continue further, we can see the File menu has an option to Search Google for the relating error. Google searches are only as good as the input, so remember to take the searches as guidelines to repairing your problem. For our current search, Google looks for
Bug Check 0xFC:ATTEMPTED_EXECUTE_OF_NOEXECUTE_MEMORY, which is the actual error message we would have seen during the BSOD crash.
In this instance, we follow the first link listed on Google's search and find
http://msdn.microsoft.com/en-us/library/ff560402(v=vs.85).aspx
This page confirms what we already thought. A driver caused an issue in the Kernel of Windows (the core) and Windows shut down to prevent a system hang that would otherwise cause corruption.
However, we still don't know which driver caused the problem. If you know that you were doing something specific when the crash happened and you can duplicate the failure again, you can use that as a reference. For example, if you are editing video when a BSOD happens every time, you can probably lean toward your video card. Check for driver updates and be sure that your card is not overheating due to a failed fan or something.
More to come.
