Issue
- You need to generate a log using the ESET Encryption Log Collector
Details
Click to expand
ESET Encryption Log Collector gathers information about the machine's configuration and the user's settings. Information regarding the machine's Full Disk Encryption and the server cloud packets are kept in an encrypted state, which is inaccessible to anyone outside of your organization.
As of version 3.3.0.88 and later, the following files may appear in the ZIP file:
| Filename | Purpose | Presence |
|---|---|---|
| admin_log.txt | Contains information gathered via the Administrative component, locations of software files, Key-Files, active processes, driver information and disk information | Always (Admin) |
| blat_log.txt | Contains information related to upgrade processes used during installation and upgrades |
Always |
| current_dlploy.txt | Contains logging information about cloud communications within a managed environment | Managed |
| dlpcrashdumps.txt | Contains information about any components that have generated crash dumps | Always |
| eediag_log_ | Contains information gathered whilst running in the User context, including current Key-File state and some system information | Always |
| evt_application.txt | Contains recent entries in the machines Application event log | Always |
| evt_crash.txt | Contains a log of all application crashes recorded in the Application event log | Always |
| evt_deslock.txt | Contains recent entries in the machines Endpoint Encryption event log | Always |
| evt_power.txt | Contains a log of power events, start-up, shutdown and power interruptions | Always |
| evt_system.txt | Contains recent entries in the System event log | Always |
| SafeStart.txt | Contains information reported by FDE Safe Start, if it was used | Always |
| Services.txt | Contains information about all currently installed Services | Always |
| sysinfo.txt | Contains information that is normally sent back to an Enterprise Server | Always |
| system.nfo | Contains an export from MSInfo32, a Microsoft system information tool | Always (Admin) |
| update_db.xml | Contains encrypted copies of updates and responses when used in a managed environment | Managed |
| x_dlploadr.bin | Contains the FDE metadata, where x will be the drive letter the file was found on | FDE Encrypted |
| _dlploy.txt | Contains logging information about cloud communications within a managed environment, one for each user profile found | Managed (Admin) |
| _esdirect.txt | Contains logging information for the auto-enrollment feature in a managed environment, one for each user profile found | Managed (Admin) |
| efde_ais_ | Contains logging information for the EFDE service | EFDE Only |
| Status | Contains information in relation to the current EFDE status | EFDE Only |
Do not modify the contents of the ZIP file.
Solution
The ESET Encryption Log Collector gathers information about ESET Endpoint Encryption (EEE) and ESET Full Disk Encryption (EFDE) that cannot be obtained if you run it in another user context.
-
Log in to Windows as the user experiencing the issue.
| Version | Last Updated | SHA256 Hash |
|---|---|---|
| 3.8 | 06/28/2023 | 7F281FA8410DACAC10C90B3AE8B632003B0EB1E626380C369941DFC87D3A6EAD |
-
Run ESET Encryption Log Collector.
-
Click Next.
Figure 1-1 -
ESET Encryption Log Collector will collect the necessary information.
Figure 1-2 -
While collecting information, ESET Encryption Log Collector will attempt to elevate to gather additional information.
-
Users with Administrator rights: Click Yes to accept the User Account Control (UAC) prompt.
Figure 1-3
-
-
-
Users without Administrator rights: Click OK and type the Administrator credentials when prompted.
Figure 1-4
-
-
Unable to run with Administrator rights: If you are unable to elevate ESET Encryption Log Collector, additional information may be requested.
Click No to skip the Administrative component. If you entered the credentials incorrectly, click Yes and type the password in again.
Figure 1-5
-
The ESET Encryption Admin Diagnostics window will run. ESET Encryption Log Collector searches the system for specific EEE and EFDE files. ESET Encryption Log Collector does not read, catalog, analyze or store anything relating to files other than
.datfiles..datfiles will be read to determine if they match the specific header. If the files do not match the ESET Encryption Log Collector specifications, they are ignored.
Figure 1-6 -
After the ESET Encryption Log Collector has been completed, a
.zipfile will be created on the Desktop with a filename beginningeediag_logfollowed by the current time and date in UTC format.
Figure 1-7
