Jump to content

ESET Diagnostics Policy - Where Does it Go?

Go to solution Solved by Marcos,

Recommended Posts

I wasn't sure if I should post in this in the Remote Admin forum, but it's a good place to start. 


In the remote admin policy for several of our clients that have reported Blue Screens on older Windows XP computers running ESET Endpoint Antivirus, I enabled Diagnostics in the ESET RA policy


For instance:

Windows Desktop v5 -> Kernel -> Settings -> Diagnostics


I marked this policy and set the "Application Memory Dump Type" to "Complete Memory Dump." 


I did this because I haven't been able to capture a full memory dump that may help in getting to the bottom of this - only minidumps which ESET Support already indicated did not contain enough information to determine how the crash occured. 


That all said, I have had this policy in place for several weeks, and today a Windows XP computer one one of our managed clients locations Blue Screened, but I cannot find that .dump file anywhere. 


Does anyone know where this dump file would be generated?

Link to comment
Share on other sites

  • Administrators
  • Solution

Dump files are generated when ekrn crashes. If a computer crashes with BSOD, you need to look for the dump created by Windows, ie. by default c:\windows\memory.dmp.

Link to comment
Share on other sites

I see - that answers my question then - I just assumed that because I was enabled this feature in the ESET RA policy that it would generate the dump in some sort of ESET directory, like C:\Program Files\ESET or something to that effect. 


Thank you though.

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...