Skip to main content

Where can I find the diagnostic program? - Kennisbank / ESET Endpoint Encryption / Diagnostics - ESET Tech Center

Where can I find the diagnostic program?

Authors list

The ESET Endpoint Encryption Diagnostics utility

If you are experiencing any problems with the ESET Endpoint Encryption client software and wish to submit a ticket for the support team to investigate your problem, then it may be that the support team will ask you to provide a diagnostics file which can be generated by running our diagnostics utility.


The utility generates a log of both the software and general system information to aid the support team in analysing your problem.


You can download the Diagnostics utility using this link : ESET Endpoint Encryption Diagnostics utility

Please note you should always run the latest version of the Diagnostics utility. You can check the version and/or hash below. If you are unsure which version you have, just download the file again.


VersionLast UpdatedSHA256 Hash

On recent versions of Windows, you can generate a hash using certutil : certutil -hashfile <filename> SHA256


Running the Diagnostics utility

Unless specifically directed to do so by a support team member, you should always run the Diagnostics utility following the instructions below.


You should run the utility whilst logged in to Windows as the user experiencing the problem, and unless advised otherwise, you must notright click and 'Run as administrator'.


The ESET Endpoint Encryption Diagnostics utility gathers information about the software that can not be obtained if you run it in another user context.

The Diagnostics utility needs to gather information as the currently active Windows user

Part way through running, the Diagnostics utility will need to run an elevated, that is Administrative, component to gather information about the machine itself.

If the customers problem is related to Full Disk Encryption, it is almost always necessary to perform this step, as information required can not be gathered without Administrator level access.

If the user has Administrator rights, this will mean accepting the UAC prompt.


If the user does not have Administrator rights, you can enter different user credentials at this point and will be prompted to do so.

If it is not possible to run this component, e.g. because the user can not provide Administrator credentials, other information may need to be requested later by the support team, depending on the nature of the problem.

Clicking 'No' will skip running the Administrative component. If you entered the credentials incorrectly, click 'Yes' and you can try again.


The Administrative component displays its activity window over the top of the User component.

Whilst the Admin Diagnostics is running, it performs a file search over the users data. This search is looking for specific ESET Endpoint Encryption files and encrypted folders, it does not read, catalogue, analyse or store anything about any other files, except where the files are of a '.dat' type. In these instances, the file will be read to determine if it matches our specific header and ignored otherwise.


Once the utility has finished working, a .zip file will be created on the users Desktop with a filename beginning 'eediag_log' followed by the current time and date in UTC format. This file should be submitted to the support team, either via email or ticketting system.


What information does the Diagnostics utility collect?

The Diagnostics utility collects information that helps the Support team diagnose problems that have occurred whilst using the software.

When run fully, it gathers information about the machines configuration, the active users settings, policies and configuration.


Information about FDE and Server cloud packets is kept in an encrypted state and we can not decrypt it because only you and your Server have the keys.


The information gathered is quite broad and varied because it assists the Support team to look for settings or files that may cause conflicts and problems with the software, this can often save time in the long run because all the information is presented to us at once, rather than having to keep making requests.


As of Version, and later, the following files may appear in the eediag zip file, depending on settings

admin_log.txtContains information gathered via the Administrative component, locations of software files, Key-Files, active processes, driver information and disk informationAlways (Admin)
blat_log.txtContains information related to upgrade processes used during installation and upgradesAlways
current_dlploy.txtContains logging information about cloud communications within a managed environmentManaged
dlpcrashdumps.txtContains information about any components that have generated crash dumpsAlways
eediag_log_<time>_<date>.txtContains information gathered whilst running in the User context, including current Key-File state and some system informationAlways
evt_application.txtContains recent entries in the machines Application event logAlways
evt_crash.txtContains a log of all application crashes recorded in the Application event logAlways
evt_deslock.txtContains recent entries in the machines Endpoint Encryption event logAlways
evt_power.txtContains a log of power events, start up, shutdown and power interruptionsAlways
evt_system.txtContains recent entries in the System event logAlways
SafeStart.txtContains information reported by FDE Safe Start, if it was usedAlways
Services.txtContains information about all currently installed ServicesAlways
sysinfo.txtContains information that is normally sent back to an Enterprise ServerAlways
system.nfoContains an export from MSInfo32, a Microsoft system information toolAlways (Admin)
update_db.xmlContains encrypted copies of updates and responses when is used in a managed environmentManaged
x_dlploadr.binContains the FDE meta data, where x will be the drive letter the file was found onFDE Encrypted
<username>_dlploy.txtContains logging information about cloud communications within a managed environment, one for each user profile foundManaged (Admin)
<username>_esdirect.txtContains logging information for the auto-enrolement feature in a managed environment, one for each user profile foundManaged (Admin)

If you have upgraded from some much older installs, there may also be additional logs that correspond to deprecated files, there may also be files created as the result of instructions provided by the support team.


So that we can provide effective and accurate support, please do NOT modify the contents of the zip file.

Add a comment

Please log in or register to submit a comment.

Need a password reminder?