If you use Windows long enough, you would have seen the dreaded Blue Screen of Death (BSOD) a couple of times. The mesages shown on screen are often cryptic and you don’t even get to see the messages if your system is configured to automatic reboot. Often times, you need to do a crash dump analysis to determine the cause.
WindowsBBS has an excellent tool called debugwiz to simplify the process of analysis so non-programmers can do it, too. I have written a post about how to use it.
I found another tool which automate the process and it’s much easier to use than debugwiz. The program is called WhoCrashed from Resplendence Software. The installation is straight forward. Just download it from the company’s web site. The home edition is free. The tool requires Windows Debugging Tool and the first time you run the program, it prompts you to download it automatically. After that, all you have to do is clicking on the Analyze button and it does the rest for you. Scroll down and you can see the results.
From this screen shot, you can see that the system has been crashed several times by fwdrw.sys. If you check the properties of the file, you can find out what company created the file and then you can find out if there are any updated versions of the file. You can decide if you want to update the file or simply uninstall the package that includes the file.
Compared to debugwiz, WhoCrashed has it’s advantage that almost anyone can use it without too much troubles. However, the home edition cannot analyze crash dump files for remote systems. That implies if you cannot boot your computer to working state, you cannot use this tool. For that situation, you need to get the crash dump files to a different computer and run the debugwiz tool on that computer.