How to collect diagnostic data using the FDERT utility if you have issues when decrypting a drive
This article concerns:
- Kaspersky Endpoint Security 11.10.0 for Windows (version 18.104.22.1689)
- Kaspersky Endpoint Security 11.9.0 for Windows (version 22.214.171.1241)
- Kaspersky Endpoint Security 11.8.0 for Windows (version 126.96.36.1994)
- Kaspersky Endpoint Security 11.7.0 for Windows (version 188.8.131.529)
- Kaspersky Endpoint Security 11.6.0 for Windows (version 184.108.40.2064)
To collect diagnostic data when decrypting a drive using the Encrypted Device Restore Utility (FDERT), do the following:
- Start the FDERT Utility on the computer where you try to decrypt a drive. For instructions, see Online Help.
- Click Settings.
- Select the Save Restore Utility event log in folder checkbox, click Browse and select a folder to save the utility event log. Click OK.
- Select the drive you want to decrypt from the Select device drop-down list and click Scan.
- When the scanning is complete, click Save diagnostics and save the archive with the diagnostic data.
- Reproduce the issue when decrypting the drive.
- Click Export log and save the utility log.
- Close the FDERT utility.
- Send to Kaspersky technical support the following files:
- The fdert-DD-MM-YYYY.log and fdert_service-DD-MM-YYYY.log files from the folder that you selected at step 3
- The ZIP file with the FDERT diagnostics results
- The CSV file with the FDERT utility log
Wait for the technical support answer and follow the recommendations.
How to collect data using the FDE disk dump tool utility
To collect diagnostic data using the FDE disk dump tool utility, do the following:
- Open Disk Management by using the diskmgmt.msc command. Find the drive with the RAW partition and memorize its number. You will need it at step 6. For details, see the Microsoft support site.
- Take a screenshot of the Disk Management window and highlight the affected drive.
- Create an empty folder on the computer with the affected drive. Copy into this folder the fde_disk_dump_tool.exe file that was sent to you by a Kaspersky technical support engineer.
- Open the command line with administrator’s rights. See this article for instructions.
- By running the cd command, open the folder with the fde_disk_dump_tool.exe utility.
- Start the utility with the command:
Where N is the drive number from step 1. Example: fde_disk_dump_tool.exe \\.\PhysicalDrive0.
- Wait until the utility has finished running.