The Crash Analyzer Wizard enables you to debug a Windows crash dump and diagnose related system errors. The Crash Analyzer Wizard uses the Microsoft Debugging Tools for Windows to examine a Windows crash dump (either a full dump or minidump) for the driver that most likely caused the system to fail.
|The Crash Analyzer Wizard will attempt to locate the Debugging Tools for Windows on your system. If the directory path box is empty, you must enter the location or browse to the location of the Debugging Tools for Windows (you can download the files from Microsoft). You must also provide a path to where the symbol files will be located. For more information about the Microsoft Debugging Tools for Windows and the symbol files, see "Debugging Tools for Windows — Overview" at the Microsoft Web site (http://go.microsoft.com/fwlink/?LinkId=30565).|
The Crash Analyzer Wizard provides a diagnosed result that you can use to decide the appropriate course of action. For example, you can use the Services and Drivers Manager in ERD Commander to remove the driver that caused the crash. For more information about using ERD Commander, see ERD Commander.
|If you include the Microsoft Debugging Tools for Windows and the symbol files on the boot CD that you create for ERD Commander, you can ensure that they will be available when they are needed.|
To run the Crash Analyzer Wizard
- Click Start, point to All Programs, point to
Microsoft Diagnostics and Recovery Toolset, and then click
Crash Analyzer Wizard.
The following steps will be completed in the process of analyzing a crash.
- You must ensure that you have the necessary tools and files
installed on your system:
- Microsoft Debugging Tools for Windows.
- Symbol Files. For more information about symbol files,
see Ensure Access to Symbol
- Microsoft Debugging Tools for Windows.
- You select a crash dump file (either a full dump or a minidump)
that you want to analyze.
- The Crash Analyzer Wizard scans the crash dump file and reports
a probable cause of the crash. You can view further information on
the crash, such as the specific crash message and description, the
drivers loaded at the time of the crash, and the full output of the
- You decide upon an appropriate course of action, which can
include disabling or updating the device driver responsible for the
crash using the Services and Drivers Manager in ERD Commander.
Ensure Access to Symbol Files
Symbol files are automatically downloaded during the analysis process. If the system does not have an Internet connection or the network requires the system to access an HTTP proxy server, the symbol files will not be downloaded.
The following options are available for ensuring access to symbol files:
- Copy the dump file to another system. If the symbols
cannot be downloaded because of a lack of an Internet connection,
you can copy the crash dump file to a system that does have a
connection and run the Crash Analyzer Wizard from that system.
- Access the symbol files from another system. If the
symbols cannot be downloaded because of a lack of an Internet
connection, you can download the symbols from a system that does
have a connection and then copy them to the system that does not
have a connection or you can map a network drive to a location
where the symbols are available on the local network. If you are
running the Crash Analyzer Wizard in ERD Commander, you can include
the symbol files on the boot CD for ERD Commander. For more
information, see How to Create a Boot CD
for ERD Commander.
- Use an environment variable to access an HTTP proxy
server. If the symbols cannot be downloaded because an HTTP
proxy server must be accessed, you can perform the following
procedure. This option only applies to running the Crash Analyzer
Wizard in ERD Commander.
Open a Command Prompt window.
Change the directory to the location of the CrashAnalyzer.exe program.
Set the _NT_SYMBOL_PROXY environment variable to the HTTP proxy server address. The HTTP proxy server address should be in the format hostname:port. For example, you can type the following command (replace myproxy and mycompany with the appropriate names for your proxy server and company domain):
In the Command Prompt window, run the Crashanalyze.exe program.