Follow

Why does Kaseya AV service (KasSrvAV.exe) crash on a KES endpoint?

KB#:  KKB000450

QUESTION
Why does Kaseya AV service (KasSrvAV.exe) crash on a KES endpoint?

The following message pops up on the screen: -


The following event or similar is logged in the Application Event log: -

Event Type: Error
Event Source: Application Error
Event Category: (100)
Event ID: 1000
Date: 10/21/2008
Time: 4:00:33 AM
User: N/A
Computer: ATAPC06
Description:
Faulting application KasAVSrv.exe, version 1.5.0.40, fau! lting module avgapix.dll, version 8.0.0.183, fault address 0x0001b2df.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 4b 61 73 ure Kas
0018: 41 56 53 72 76 2e 65 78 AVSrv.ex
0020: 65 20 31 2e 35 2e 30 2e e 1.5.0.
0028: 34 30 20 69 6e 20 61 76 40 in av
0030: 67 61 70 69 78 2e 64 6c gapix.dl
0038: 6c 20 38 2e 30 2e 30 2e l 8.0.0.
0040: 31 38 33 20 61 74 20 6f 183 at o
0048: 66 66 73 65 74 20 30 30 ffset 00
0050: 30 31 62 32 64 66 01b2df 

ANSWER

KasAVSrv.exe is the process Kaseya Endpoint Security (KES) uses to interact with the AVG client software on endpoints. When a crash occurs it may be due to the AVG software or an issue with the KES code. Diagnosis requires a crash dump.

Please take the following steps to gather a crash dump for analysis by Kaseya and / or AVG developers: -

1) click on the "Click here" link on the message above

2) you will see the following:


3) click on the link highlighted above

4) you will see something like this:


5) go to the directory where the files being sent live. It's usually c:\documents and settings\username\Local Settings\temp\. You get this directory (with a little hunting) from the paths shown in "Error Report Contents"

6) copy all the files in the directory to a zip file. Do not close the dialog before you have copied the files to the zip file. The files will be deleted or sent to Microsoft when you close the dialog.

7) create a support ticket with Kaseya by going to System tab > Request Support on your VSA. Please include the following information: -
- attach the zip containing the crash dump
- machine.group ID of the endpoint the crash occurred on
- time / date the crash occurred
- circumstances leading to the crash, e.g. during a scan, update etc
- if the crash is repeatable include detailed steps that we can use to make it happen
- to expediate resolution, please provide access to your VSA application with permission to remote control a machine where it has occurred
- refer to this KB article

MORE INFORMATION

APPLIES TO
Kaseya Endpoint Security (all versions)

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

0 Comments

Article is closed for comments.