LocknetSSmith 6 Posted July 11, 2013 Share Posted July 11, 2013 I wasn't sure if I should post in this in the Remote Admin forum, but it's a good place to start. In the remote admin policy for several of our clients that have reported Blue Screens on older Windows XP computers running ESET Endpoint Antivirus, I enabled Diagnostics in the ESET RA policy For instance: Windows Desktop v5 -> Kernel -> Settings -> Diagnostics I marked this policy and set the "Application Memory Dump Type" to "Complete Memory Dump." I did this because I haven't been able to capture a full memory dump that may help in getting to the bottom of this - only minidumps which ESET Support already indicated did not contain enough information to determine how the crash occured. That all said, I have had this policy in place for several weeks, and today a Windows XP computer one one of our managed clients locations Blue Screened, but I cannot find that .dump file anywhere. Does anyone know where this dump file would be generated? Link to comment Share on other sites More sharing options...
Administrators Solution Marcos 5,071 Posted July 11, 2013 Administrators Solution Share Posted July 11, 2013 Dump files are generated when ekrn crashes. If a computer crashes with BSOD, you need to look for the dump created by Windows, ie. by default c:\windows\memory.dmp. Link to comment Share on other sites More sharing options...
LocknetSSmith 6 Posted July 11, 2013 Author Share Posted July 11, 2013 I see - that answers my question then - I just assumed that because I was enabled this feature in the ESET RA policy that it would generate the dump in some sort of ESET directory, like C:\Program Files\ESET or something to that effect. Thank you though. Link to comment Share on other sites More sharing options...
Recommended Posts