Reproduction steps:

Open encryption Monitor

Actual result:

Dump after dump will be created

Expected Result:

no dump

System:

Windows 11 21H2 (not 10)

Buld 22000.120

KES 11.7.0.453

second day with Windows 11 runs well with no problems so far

@dmitriy-pisarets

I have an Etl file basicly always generated if the product is running, am i assuming correct that this is the same bug?

Dump/crash during KVRT vs Malware.

I installed some malware, ran KVRT -> it wanted a reboot.

After the reboot i started the scan thats when KVRT crashed.

I restarted kvrt and it removed all Malware with a couple scans.

https://cloud.qainfo.ru/s/jRDRHkbMohqVE5c

Hi Yury,

System Analyze Scan and System full scan worked fine on my main system, no problems so far. Might run some more test later.

Hi,

today i booted up and KTS reported damaged components.

I run an update, when th update finished, KTS crashed an rebooted.

I send the dump to the server.

VMWare Worktation 15 Player:

Windows 10 Enterprise 2004

19041.508

KES 11.5.0.536

APPLICATION_HANG_c0000194_avp.exe!mainEECStartup

Reproduction steps:

i set up KES vs Malware.

1. $1

2. $1

3. $1

4. $1

5. $1

6. $1

Actual result:

KES crashed and restarted and continued to process the malware it found

Expected Result:

no crash

VMWare Worktstation Player 15:

Windows 10 x64

KES 11.5.0.536 AES 256

---

Reproduction steps:

Settings -> Web Control -> Rules diagnostics

Try to change any rules or set any of them up. No changes will prompt a save changes-> I cant setup any rules.

Actual result:

no changes will be saved, no prompt to save changes will come up.

Expected Result:

Changes in settings will prompt me to click on save and confirm changes.

@jarvis

Hi, seems to be working correctly now with the new version. Issue can be closed.

VMWare Worktation 15 Player:

Windows 10 Pro 2004

19041.508

KES 11.5.0.491

APPLICATION_FAULT_42849fd0_traffic_processing.dll!Unknown

Reproduction steps:

every time i start KES in my virtual machine i get this dump

second example: https://cloud.qainfo.ru/s/qAOKuZ7LPfaf9Os

VMWare Worktation 15 Player:

Windows 10 Pro 2004

19041.508

KES 11.5.0.491

---

Reproduction steps:

sometimes when i changed settings, file threat protection and device control in my case the gui can freeze. I had two cases where the gui froze and i could kill the process because it wasnt responding.

Actual result:

GUI froze setting changes where saved

Expected Result:

setting changes where saved

second traces example: https://cloud.qainfo.ru/s/HbrA6NkrnJfdYFH

Hi,

Yes.

Webcontrol Rules diagnostics wont prompt a save and wont save either for example.

Do you need any traces? Or other kind of infos?

Real system:

Windows 10 x64 2004

Version: 19041.450

KES 11.5.0.373 (Windows)

APPLICATION_FAULT_42849fd0_app_core_legacy.dll!Unknown

Reproduction steps:

i exited KES over the symbol on the bottom right waited a minute or two then restarted KES and got the dump

I think the issue was that KES didnt properly stopped the running processes.

Actual result:

KES didnt close processes correctly -> didnt restart

Expected Result:

KES restarted

Real system:

Windows 10 x64 2004

Version: 19041.450

KES 11.5.0.373 (Windows)

APPLICATION_FAULT_42849fd0_bl.ppl!Unknown

---

Reproduction steps:

i changed the quick scan settings to max and added most settings

i started the quick scan that when the dump was created. 

I think the dump was due to an error where KES tried to continue a scan -> Dump -> scan normaly started

Actual result:

KES tried to continue a scan and created a dump then the scan started normal from 0%

Expected Result:

Scna starts

Real system:

Windows 10 x64 2004

Version: 19041.450

KES 11.5.0.373 (Windows)

---

Reproduction steps:

when you Edit rules in Adaptive anomaly control settings changes wont save/ you wont be prompted to save setting changes

Real system:

Windows 10 x64 2004

Version: 19041.450

KES 11.5.0.373 (Windows)

APPLICATION_FAULT_42849fd0_product_facade.dll!Unknown

Reproduction steps:

i tried to create a request access file for my eternal harddrive. when i clicked save (to save the file) the dump was created

Actual result:

no access file was save and an error occured

Expected Result:

access file was saved

Real system:

Windows 10 x64 2004

Version: 19041.450

KES 11.5.0.373 (Windows)

APPLICATION_FAULT_42849fd0_app_activity_monitor.dll!Unknown

Reproduction steps:

not sure about the cause but i think its related to playing with application controll settings too.

---

Real system:

Windows 10 x64 2004

Version: 19041.450

KES 11.5.0.373 (Windows)

APPLICATION_FAULT_42849fd0_app_activity_monitor.dll!ekaCreateObject

Reproduction steps:

1. $1

2. $1

3. $1

4. $1

Actual result:

dump creation then the list was opened

Expected Result:

no dump

The threat detection and processing performance seems to be realy bad can someone confirm this?

A scan of a testmalware folder with 200 files took 33min with threat resolving. While process was at 1-3% CPU-usage. 

eal system:

Windows 10 x64 2004

Version: 19041.450

KES 11.5.0.373 (Windows)

APPLICATION_FAULT_42849fd0_upgrade_settings.dll!ekaGetObjectFactory

APPLICATION_FAULT_42849fd0_product_infrastructure.dll!ekaGetObjectFactory

Reproduction steps:

i ran the GSI tool during that those 2 dumps where created