Special requestWe have one request for our forum users. We need to obtain dumps of AV service with enabled full page heap. It would helps us a lot if some of you could go through these steps in order to help us to analyze crashes we see currently reported on our backends in the latest beta version (20.6).
1) You need Application Verifier from Windows SDK installed. You can grab latest SDK (aplicable to Win7 and later) here: https://developer.microsoft.com/en-us/windows/downloads/windows-10-sdk/
2) To enable verification, you need to disable Self-Defense (Menu -> Settings -> Troubleshooting -> untick Enable Self-Defense) if AV is already installed.
3) Enable Heaps checking for AV service.
avast: appverif.exe -enable Heaps -for AvastSvc.exe -with Heaps.full=True
4) Install AV if not already installed, else re-enable Self-Defense.
5) Observe for memory dumps in
avast: %PROGRAMDATA%\AVAST Software\Avast\log
Note that it is recommended to run 64bit system, because Heap checking is quite demanding on memory consumption and 32bit address space is just too small for this technique. Running this on system with 8GB RAM or more is also recommended. If you still plan to try this on 32bit OS, you could at least enable verification without Full Heap checking via Heaps.full=False, but the added value for analysis is lowered. Application Verifier settings will persist through reboots. To disable verification, run appverif.exe -disable * -for *The memory dumps will be usually automatically submitted to our servers. However, there are limits on submit size and upload frequency, so if dumps are very large (200MB+ usually) you could zip the files and upload them to our ftp (here is how:
https://support.avast.com/article/160/, please post the name of the uploaded archive).
Thank you very much!