In the event a Blue Screen occurs on a machine encrypted with Symantec Encryption software, complete memory dumps are typically needed. In some cases, more detailed memory dumps may be needed.
This article will go over the steps on how to obtain these more detailed memory dumps for both Symantec Endpoint Encryption 11 and Symantec Encryption Desktop 10.
One example of when this may be needed is if Symantec Drive Encryption displays a Blue Screen of Death (BSoD) error referencing the PGPwded.sys driver.
If BSoD errors are occurring, first upgrade to the latest release of Encryption Desktop and ensure that the machine's BIOS and disk controller drivers are up to date.
When other troubleshooting steps have been unsuccessful, in order to fully analyze BSoD issues, Symantec Technical Support may ask for a memory dump.
Complete memory dumps are not enabled by default. To configure Windows to generate complete memory dumps, please see the article HOWTO31321.
If Symantec Support does need the driver verifier dumps enabled, and once the complete memory dumps are configured, reboot and enable Microsoft Driver Verifier and customize it as follows.
Note: It is important to exclude Security checks from the Verifier configuration (see step 4 below) because some security checks in Verifier generate an erroneous DRIVER_VERIFIER_DETECTED_VIOLATION (c4) bug check:
Once Verifier has been configured, the next time that a BSoD occurs, a complete memory dump will be available and can be provided to Symantec Technical Support if they request it.
To reset Verifier to its defaults, open Verifier and choose Delete existing settings from the Select a task menu, then click Finish.