Ah, not the Blue Screen of Death (BSOD) again! As you probably know, the dreaded blue screen often consists of hard-to-understand error messages and cryptic error numbers.
Luckily, there is a solution: WhoCrashed (free for home users only) is able to analyze the memory dump files that Windows creates. The program prepares an overview of what caused the crash(es) so that you are able to find out whether you need to update driver software, Windows, some programs or even replace RAM (memory modules) or other hardware components.
In case you want to find out why applications or programs crash or stop responding, use Reliability Monitor instead.
First, there must be something to analyze. By default, Windows creates kernel memory dumps that contain enough data for troubleshooting. To verify the setting is still correct, use keyboard shortcut Windows Key+Pause/Break to open System Properties.
Alternatively, right-click (My) Computer (or This PC icon in Windows 8.1 and later) icon on Desktop, Start menu/screen or Windows/File Explorer and select Properties.
In Windows Vista, 7, 8, 8.1 and 10, click Advanced system settings on the left.
Next, open the Advanced tab of System Properties window. Then click Settings button in the Startup and Recovery section.
In the Startup and Recovery window, make sure all check boxes (Write an event to the system log, Automatically restart, etc) in the System failure section are ticked. Then verify that the Write debugging information combo box says Kernel memory dump. If not, select it from the list.
In Windows 10, the Disable automatic deletion of memory dumps when disk space is low check box should be unticked in most cases.
Click OK twice to close Startup and Recovery and System Properties windows.
You should also check if Windows paging file meets minimum requirements for creating crash dumps: Set paging file to a fixed size in Windows.
Open WhoCrashed download page at Resplendence Software Projects, scroll down to the Crash Analysis Tools section and click Download free home edition to the right of WhoCrashed.
After the download is complete, WhoCrashed Home Edition Setup Wizard opens. The process is very simple, just click those Next buttons. After the installation is complete, click Finish to run WhoCrashed right away.
Windows XP users will probably see the Required Windows Debugging package not found dialog upon the first run of WhoCrashed Home. Click Download the required file from Microsoft site now to download and install the missing package automatically. Please stand by until the process is complete.
After WhoCrashed opens, click Analyze (the leftmost button) on Toolbar.
Depending on the number of available memory dumps, the process might take up to a minute. Information dialog appears after the analysis is complete - click OK.
In case there are no memory dumps available, WhoCrashed has nothing to analyze. Please verify that the line above states "Crash dumps are enabled on your computer" - if not, scroll to the beginning of this tutorial and enable Kernel memory dumps.
Please note that Disk Cleanup and CCleaner can also delete stored crash dump files, so do not use these tools until you have located the source of Windows crashes. After you've resolved the problems, you can safely remove memory dumps, since they can occupy quite a chunk of disk space.
If one or more memory dumps are available, WhoCrashed sorts these by date and time. Please do check the year of the crashes, since there is absolutely no need to make wrong assumptions on very old crashes!
Each crash analysis contains detailed information, please read the description and suggestions thoroughly.
Here is a bad example of a Blue Screen of Death (BSOD): everything is unknown, except that the crash was probably not caused by hardware. You can still search the Bugcheck code on Google or Bing - you might not be alone with this problem.
Please note that this analysis is based on a minidump, so Kernel memory dump might still reveal the cause.
And here's the Kernel memory dump for the problem above - this time it is certain that the crash was caused by a third party driver ntkrpamp.exe. WhoCrashed was not able to determine the manufacturer and type of the driver (this usually means the driver is not digitally signed and should be updated ASAP), but googling "What is ntkrpamp.exe" reveals that this is a part of Realtek ethernet (network) driver - so seek for a driver update; or if you just upgraded the driver, roll it back in Safe Mode.
Here's another example: Microsoft's own standard module caused a crash. You can either run Windows Update or revert any system configuration changes you might have made lately.
Back to third party drivers - this time BSOD was caused by Intel graphics/video driver. But there is also a suggestion that the problem might have been caused by a thermal issue (read: overheating).
First, look for an updated driver again. Second, verify your computer is not very hot - if it is, check or upgrade cooling.
In the end of each WhoCrashed report there is the Conclusion section that contains links to related Google searches. In case you are not really good at searching, use these links instead.
In case you see problems related to hardware (sorry, no examples at the moment), you need to replace the faulty components. If your computer is still under warranty, you are in luck. If not, you still need to take it to some repair shop unless you are an IT specialist.
Good luck with troubleshooting and updating!