sticky
Help with Configuring Symbols RRS feed

  • Question

  • Dear molotov
     
    Love the article of on "Using Process Explorer without an Internet Connection" I tried once to add the debug tool on my computer and it wipe out all the themes on my pc. Dead
     
    When I tried to do a "system restore" I was not able to regain that feature or other functions. This lead me to do a "full restore" on my pc to its XP SP3 functions.Shocked
     
    Question:
     
    What is the proper procedure to unzip the debug tool in process Explorer, without lossing my theme functions and etc. Question
     
    Laymen terms are of need and welcomed...
     
    KBUQuest
    ...........................................
     
    Taught knowledge can be a purest form of love toward others....
     
    Thursday, January 15, 2009 3:58 AM

All replies

  • Hi, KBUQuest.

    I tried once to add the debug tool
    to unzip the debug tool in process Explorer
    Sorry, it's not clear to me what you mean by "debug tool"... Embarrassed

    In case you mean the Debugging Tools for Windows... They come with an installation program that simply installs the program using a traditional installation wizard-type interface.

    In case you mean Process Explorer, the FAQ covers it:
    How do I install ProcessExplorer?

    Please read W2K Pro. Not only applicable to Win2K, but to other Windows versions as well.


    With either of these, I do not see how themes could be affected... Confused

    If you are referring to some other tool, please indicate which one...
    Wednesday, January 14, 2009 3:05 PM
  • Hello molotov, or Admins out there...
     
    I would like to activate a debugger tool in my P.E. ; I can use your expertise.Wink 
     
    PLEASE!!Cry
     
    When I excecuted the debugger before it wiped out my themes and some win services I couldn't even run restore to get them back.Angry
     
    My downloaded file of (dbg_x86_6.10.3.233 -- For: XP sp3 ) is in my local disk "d" drive under a folder name Icons Active files.
     
    How do I do... what is asked in this statement:  
     
    Go to PE's Options | Configure Symbols, and in the "Dbghelp.dll path" box enter the path to DBGHELP.DLL (by default, X:\Program Files\Debugging Tools for Windows\dbghelp.dll)
     
    Do I change that statment to:
     
    D:\local Disk\Icon's Active files\Debugging Tools for Windows\dbghelp.dll Thumbs%20Up
     
    From the C:\WINDOWSSYSTEM32\DBGHELP.DLL --
    which is already keyed in...Question
     
    Or should I click the dbg Win's Installer package in the Local Disk D: to install in C: ; maybe it was a fluke of bad luck before... Disapprove
     
    I just want to load this file correctly...
     
    Also I have: 
     
    SRV*C:\SYMBOLS*http://msdl.microsoft.com/downloads/symbols;  already texted in the Symbols path place.
     
    Do I take that out before I try to load the debugger?
     
    Please advise... for I am used to downloading a file and the program just intiaties itself.
     
    Humbly, thanks in advance... 
     
     
    KBUQuest
     
     
     
     
     
    Thursday, January 15, 2009 1:21 AM
  • To configure symbols in Process Explorer OR Process Monitor:
    1) Download and install the current version of the Debugging Tools for Windows.
    2) Note the location to which the Debugging Tools for Windows are installed (c:\program files\debugging tools for windows is a likely candidate)
    3) Start Process Explorer. In the Options -> Configure Symbols dialog, for the "Dbghelp.dll path", specify or browse to the dbghelp.dll that was installed by the Debugging Tools for Windows (for example, c:\program files\debugging tools for windows\dbghelp.dll).  Do not specify the dbghelp.dll that is in %systemroot%\system32 - that copy of dbghelp.dll does not include the functionality required.
    For the Symbols path, specify the following: srv*C:\Symbols*http://msdl.microsoft.com/download/symbols

    That is all that is needed to configure symbols in Process Explorer; the Paged and Non Paged pool limits should be visible (when Process Explorer is run by an administrator), and when symbols are available the stacks of threads should resolve.
    Thursday, January 15, 2009 4:07 AM
  • I think I followed the instructions for configuring symbols.  But the "System Information" window still shows "no symbols" for Paged Limit and for Nonpaged Limit.

    In the Configure Symbols dialog I have
    C:\Program Files\Debugging Tools for Windows 64-bit\srcsrv\dbghelp.dll
    srv*c:\windows\symbols*http://msdl.microsoft.com/download/symbols

    There is no success or failure message when I close that dialog.  If I change the first field to a different dbghelp.dll on my system
    C:\WINDOWS\system32\dbghelp.dll
    I get a failure message when closing that, and a warning when looking at Threads, and no symbols when looking at threads.

    But with the first dbghelp.dll, I get some symbols when looking at threads.  So I think the configure symbols must be correct.  Why can't it get the Paged and NonPaged Limits?



    Friday, February 27, 2009 3:23 PM
  • Hi johnsfine,

    The correct configuration is to point Process Explorer at the dbghelp.dll that comes with the Debugging Tools for Windows.  What OS are you using?  x86 or x84? 
    Friday, February 27, 2009 3:32 PM
  • The correct configuration is to point Process Explorer at the dbghelp.dll that comes with the Debugging Tools for Windows.


    That is what I did.

    What OS are you using?  x86 or x84? 


    Microsoft Windows XP
    Professional x64 Edition
    Version 2003
    Service Pack 2

    Friday, February 27, 2009 3:44 PM
  • Are you running Process Explorer as an Administrator?
    Friday, February 27, 2009 3:46 PM
  • Are you running Process Explorer as an Administrator?


    Yes, as a member of the Administrators group.  I assume that is what you mean.

    Friday, February 27, 2009 4:17 PM
  • I assume that is what you mean.
    Correct.

    Can you verify that the Process Explorer driver is loaded? (Select the SYSTEM process, enable DLL View [CTRL+D] in the lower pane, and look for PROCEXP113.SYS.)
    Friday, February 27, 2009 9:16 PM
  • Select the SYSTEM process, enable DLL View [CTRL+D] in the lower pane, and look for PROCEXP113.SYS.


    Yes, it is there.

    Almost every item in the list has a Description, Company Name and Version.  I assume the Sysinternals drivers didn't bother.  The only items on the list with those things blank are:
    dump_iaStor.sys
    LiveKdD.SYS
    mvfsx64.sys
    PROCEXP113.SYS

    Since I found the !VM command in LiveKD gives me the PagedPool and NonPagedPool max values, I don't have as great a need to see them in Process Explorer.  But it would be convenient to see them in Process Explorer.


    Saturday, February 28, 2009 5:08 AM
  • Solved.

    I installed Debugging Tools for Windows on a second system and configured symbols there the same way and it worked.  Then I looked around for differences between them.

    The folder inside C:\Windows\Symbols\ntkrnlmp.pdb had a different name and the actual .pdb file inside that folder had a different size.

    I deleted the folder C:\Windows\Symbols\ntkrnlmp.pdb and restarted Process Explorer and when I clicked on View/System Information it paused a while then brought up system information showing those two limits.

    Doing that created a new C:\Windows\Symbols\ntkrnlmp.pdb folder whose contents match the contents on the system where it worked the first time.

    Saturday, February 28, 2009 6:03 AM
  • Good to hear that you were able to get the symbols to work.  DBGHELP_LOG logging would have been the next suggestion, which would likely have turned this up...
    Saturday, March 7, 2009 10:19 AM
  • Does configuring symbols give any other information besides what shows up in the Threads tab for a processes properties?

    With Symbols
    TID � � � � Start Address
    1196 � � � svchost.exe!wmainCRTStartup

    Without Symbols
    TID � � � � Start Address
    1196 � � � svchost.exe+0x2509�

    Monday, August 17, 2009 9:59 PM
  • Does configuring symbols give any other information besides what shows up in the Threads tab for a processes properties?

    With Symbols
    TID         Start Address
    1196       svchost.exe!wmainCRTStartup

    Without Symbols
    TID         Start Address
    1196       svchost.exe+0x2509 


    Yes, symbols are used for thread stack traces.
    Monday, August 17, 2009 10:26 PM
  • ...as well as the pool limits, on the System Information dialog...
    Tuesday, August 18, 2009 2:46 AM