Crash Analyzer Wizard

The Crash Analyzer Wizard enables you to debug a Windows crash dump and diagnose related system errors. The Crash Analyzer Wizard uses the Microsoft Debugging Tools for Windows to examine a Windows crash dump (either a full dump or minidump) for the driver that most likely caused the system to fail.

Important
The Crash Analyzer Wizard will attempt to locate the Debugging Tools for Windows on your system. If the directory path box is empty, you must enter the location or browse to the location of the Debugging Tools for Windows (you can download the files from Microsoft). You must also provide a path to where the symbol files will be located. For more information about the Microsoft Debugging Tools for Windows and the symbol files, see "Debugging Tools for Windows — Overview" at the Microsoft Web site (http://go.microsoft.com/fwlink/?LinkId=30565).

Important

The Crash Analyzer Wizard will attempt to locate the Debugging Tools for Windows on your system. If the directory path box is empty, you must enter the location or browse to the location of the Debugging Tools for Windows (you can download the files from Microsoft). You must also provide a path to where the symbol files will be located. For more information about the Microsoft Debugging Tools for Windows and the symbol files, see "Debugging Tools for Windows — Overview" at the Microsoft Web site (http://go.microsoft.com/fwlink/?LinkId=30565).

The Crash Analyzer Wizard provides a diagnosed result that you can use to decide the appropriate course of action. For example, you can use the Services and Drivers Manager in ERD Commander to remove the driver that caused the crash. For more information about using ERD Commander, see ERD Commander.

Note
If you include the Microsoft Debugging Tools for Windows and the symbol files on the boot CD that you create for ERD Commander, you can ensure that they will be available when they are needed.

To run the Crash Analyzer Wizard

Click Start, point to All Programs, point to Microsoft Diagnostics and Recovery Toolset, and then click Crash Analyzer Wizard.

The following steps will be completed in the process of analyzing a crash.

You must ensure that you have the necessary tools and files installed on your system:
- Microsoft Debugging Tools for Windows.
- Symbol Files. For more information about symbol files, see Ensure Access to Symbol Files.
You select a crash dump file (either a full dump or a minidump) that you want to analyze.
The Crash Analyzer Wizard scans the crash dump file and reports a probable cause of the crash. You can view further information on the crash, such as the specific crash message and description, the drivers loaded at the time of the crash, and the full output of the analysis.
You decide upon an appropriate course of action, which can include disabling or updating the device driver responsible for the crash using the Services and Drivers Manager in ERD Commander.

Ensure Access to Symbol Files

Symbol files are automatically downloaded during the analysis process. If the system does not have an Internet connection or the network requires the system to access an HTTP proxy server, the symbol files will not be downloaded.

The following options are available for ensuring access to symbol files:

Copy the dump file to another system. If the symbols cannot be downloaded because of a lack of an Internet connection, you can copy the crash dump file to a system that does have a connection and run the Crash Analyzer Wizard from that system.
Access the symbol files from another system. If the symbols cannot be downloaded because of a lack of an Internet connection, you can download the symbols from a system that does have a connection and then copy them to the system that does not have a connection or you can map a network drive to a location where the symbols are available on the local network. If you are running the Crash Analyzer Wizard in ERD Commander, you can include the symbol files on the boot CD for ERD Commander. For more information, see How to Create a Boot CD for ERD Commander.
Use an environment variable to access an HTTP proxy server. If the symbols cannot be downloaded because an HTTP proxy server must be accessed, you can perform the following procedure. This option only applies to running the Crash Analyzer Wizard in ERD Commander.

To access an HTTP proxy server

Open a Command Prompt window.
Change the directory to the location of the CrashAnalyzer.exe program.
Set the _NT_SYMBOL_PROXY environment variable to the HTTP proxy server address. The HTTP proxy server address should be in the format hostname:port. For example, you can type the following command (replace myproxy and mycompany with the appropriate names for your proxy server and company domain):

set _NT_SYMBOL_PROXY=myproxy.mycompany.com:80
In the Command Prompt window, run the Crashanalyze.exe program.

Ensure Access to Symbol Files

See Also

Concepts