Solution
In some instances, you may need to enable a special logging mode to help troubleshoot problems with blocked connections in the Personal firewall module, such as conflicts with other NDIS filtering device drivers. This mode allows the Personal firewall to log additional information about the computer’s network connection(s) which can be used by ESET’s support specialists to help resolve issues.
The Personal firewall special logging mode should only be used if:
-
No entries are written to Tools → Log files → ESET Personal firewall log when the Personal firewall → IDS and advanced options → Log all blocked connections option is enabled in the Advanced Setup window.
-
Problems continue to occur after the Personal firewall module has been disabled.
Follow the steps below to activate special logging:
-
Click Start → Run. The Run window will be displayed. Type regedit and click OK (Windows Vista users: Click Start, type regedit and press ENTER).
-
Navigate to the following key: HKLMSOFTWAREEsetESET SecurityCurrentVersionPlugins�1000200Profiles@My profile
-
Create a new DWORD value titled WriteBlockedToPcap and set its value to 1. Restart your computer.
-
All blocked packets will now be saved to the following directory:
Windows XP: C:Document and SettingsAll UsersApplication DataEsetEset Smart SecurityEpfwLog.pcap
Windows Vista: C:ProgramDataESETESET Smart SecurityEpfwLog.pcap
Windows 7: C:ProgramDataESETESET Smart SecurityEpfwLog.pcap
-
Replicate the problematic situation.
-
Disable special logging (set the WriteBlockedToPcap value to 0 and restart your computer).
-
Send the file EpfwLog.pcap (and all other files in the same folder beginning with ‘Epwf’) for analysis to ESET’s support specialists. The contact email address is support@eset.com.
