[SDP 2][82769D3C-7DF8-4071-B9D1-CB264DE4BE2B] Default SDP Manifest for Windows XP, Windows Server 2003, Windows Vista and Windows Server 2008

Receive Microsoft Knowledge Base articles by E-Mail?

Every night we scan the Microsoft Knowledge Base. If technologies you're interested in are updated, we'll send you an e-mail. You only get one e-mail a day, and only when new articles are added.

Click here to create a
FREE account

Already have an account?
[Click here to Login]


	Search KbAlertz Advanced Search

Webmasters
Put kbAlertz on your website.
[ Click Here for more! ]

Discount ASP.NET Hosting
ASP.NET 2.0 and 3.5
Windows2008 and SQL2008
US and UK Hosting
KBAlertz referrals get
** SIX MONTHS FREE **

We Send hundreds of thousands of emails using ASP.NET Email

Discount ASP.NET Hosting
ASP.NET 2.0 and 3.5
Windows2008 and SQL2008
US and UK Hosting
KBAlertz referrals get
** SIX MONTHS FREE **

Mentioned In

Microsoft Knowledge Base Article

This article contents is Microsoft Copyrighted material.
©2005-©2007 Microsoft Corporation. All rights reserved. Terms of Use | Trademarks

Article ID: 2277908 - Last Review: July 13, 2010 - Revision: 2.0

[SDP 2][82769D3C-7DF8-4071-B9D1-CB264DE4BE2B] Default SDP Manifest for Windows XP, Windows Server 2003, Windows Vista and Windows Server 2008

View products that this article applies to.

Expand all | Collapse all

SUMMARY

The Windows Default SDP Manifest for Windows XP, Windows Server 2003, Windows Vista and Windows Server 2008, Windows Server 2003, Windows Vista and Windows Server 2008 was designed to collect information used in troubleshooting general Windows issues in different technologies, including Setup, Performance, Networking and Failover Cluster.

Back to the top

MORE INFORMATION

This article describes the information that may be collected from a machine when running Default SDP Manifest for Windows XP, Windows Server 2003, Windows Vista and Windows Server 2008.

Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â

Information Collected

Event Logs - General

Collapse this tableExpand this table

Description	File Name
Event Log â€“ ApplicationÂ â€“ text, csv and evtx formats	{Computername}_evt_Application.*
Event Log â€“ System â€“ text, csv and evtx formats	{Computername}_evt_System.*
Event Logs â€“ Other	{Computername}_evt_.

File Version Information

Collapse this tableExpand this table

Description	File Name
File version information from %windir%\cluster\.	{Computername}_sym_Cluster.*
File version information from %windir%\system32\*.dll	{Computername}_sym_System32_dll.*
File version information from %windir%\system32\*.exe	{Computername}_sym_System32_exe.*
File version information from %windir%\system32\*.sys	{Computername}_sym_System32_sys.*
File version information from %windir%\system32\drivers folder	{Computername}_sym_Drivers.*
File version information from %windir%\system32\drivers\.	{Computername}_sym_SysWOW64_sys.*
File version information from {Program Files (x86}}\*.sys	{Computername}_sym_ProgramFilesx86_sys.*
File version information from {Program Files}\*.sys	{Computername}_sym_ProgramFiles_sys.*
File version information from {Program Files}\Microsoft iSNS Server\. and %windir%\system32\iscsi.	{Computername}_sym_MS_Iscsi.*
File version information from all drivers currently running on machine	{Computername}_sym_RunningDrivers.*
File version information from all processes currently running on machine	{Computername}_sym_Process.*
File version information from print spooler folder %windir%\system32\Spool\.	{Computername}_sym_PrintSpooler.*
File version information from Windows\Cluster	{Computername}_sym_Cluster.*

Device and Drivers

Collapse this tableExpand this table

Description	File Name
Devices and connection information generated by devcon utility	{Computername}_Devcon.log
Minifilter drivers enumeration using Fltmc.exe utility	{Computername}_Fltmc.txt
MS-DOS device names using dosdev utility	{Computername}_DosDev.txt
Output from Driver Verifier Manager (verifier.exe) utility	{Computername}_Verifier.txt
Upper and lower filters Information using fltrfind.exe utility	{Computername}_FltrFind.txt
Information about driver signature using driverquery.exe	{Computername}_SignedDrivers.txt

Storage/Disk Information

Collapse this tableExpand this table

Description	File Name
Fibre Channel Information Tool information collected by FCInfo utility	{Computername}_fcinfo.txt
Information from machine disk sectors generated by SecInspect.exe utility	{Computername}_Secinspect.txt
iSCSI related information generated by iscsicli.exe utility	{Computername}_iSCSIInfo.txt
Parsing of Storage related event logs (Events 6 7 9 11 15 50 51 57 and 389) on System log using evparse.exe utility	{Computername}_StorageEventLogs.htm
Fibre Channel Information tool (fcinfo) output to obtain SAN resources and configuration information	{Computername}_FCInfo.txt
Dispartâ€™s SAN policy information	{Computername}_DiskpartSANPolicy.txt

Memory Dumps and related

Collapse this tableExpand this table

Description	File Name
Information about Machine Memory Dumps, User memory dumps and memory dump configuration	{Computername}_DumpReport.*
Compressed version of mini machine memory dumps located at %windir%\minidumps	{Computername}_dmp_*.cab
Windows Error Reporting mini dumps generated in past 30 days	{Computername}_dmp_*.cab

Hotfixes and Updates

Collapse this tableExpand this table

Description	File Name
Installed Updates/ Hotfixes	{Computername}_Hotfixes.*

Virtualization

Collapse this tableExpand this table

Description	File Name
Basic information about machine virtual environment	{Computername}_Virtualization.*

Networking Related Information

Collapse this tableExpand this table

Description	File Name
Basic IP networking configuration information, such as Tcp/ip registry key, ipconfig, netstat, nbtstat and netsh output	{Computername}_TcpIp-Info.txt
Basic SMB configuration information based on output of net.exe utility	{Computername}_SMB-Info.txt
Information about TCP Offload from the registry and netsh	{Computername}_TCPIP-Info-Offload.txt
Networking Setup/ information about the attempts to join domains	{Computername}_netsetup.log
Network Diagnostic took (netdiag.exe) output	{Computername}_netdiag.txt
Permissions dump for registry key HKLM\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg	{Computername}_winreg.txt
DNS cache information from â€˜ipconfig.exe /displaydnsâ€™ command	{Computername}_DnsClient-DnsCache.txt
HOSTS file from \Windows\System32\Drivers\etc folder	{Computername}_DnsClient-HostsFile.txt
SERVICES file from \Windows\System32\Drivers\etc folder	{Computername}_TCPIP-ServicesFile.txt
LMHOSTS file from \Windows\System32\Drivers\etc folder	{Computername}_WinsClient-LmhostsFile.txt
Firewall information from â€˜netsh firewallâ€™ context output	{Computername}_Firewall-Netsh-Fw.txt
IPSec information from â€˜netsh ipsecâ€™ context output	{Computername}_IPsec-Netsh.txt
Internet Protocol security (IPSec) policy information via â€˜netsh ipsec static exportpolicyâ€™ output	{Computername}_IPsec-Export.ipsec
General networking configuration from â€˜netsh dumpâ€™ output	{Computername}_Netsh-Dump.txt
Load Balancing configuration via â€˜wlbs.exe displayâ€™ command	{Computername}_NLB-WlbsDisplay.txt
Remote Access Service Information via â€˜netsh rasâ€™ context output	{Computername}_RAS-Netsh.txt
General IPv4 information via â€˜netsh int ipv4â€™ context output	{Computername}_TCPIP-Netsh-IPv4.txt
General IPv6 information via â€˜netsh int ipv6â€™ context output	{Computername}_TCPIP-Netsh-IPv6.txt
Winsock catalog information via â€˜netsh winsock show catalogâ€™ output	{Computername}_WinSock-Netsh.txt
Wired 802.1X (LAN) information via â€˜netsh lanâ€™ context output	{Computername}_8021x-Netsh-LAN.txt
Wireless Local Area Network (WLAN) 802.11 connectivity and security settings via â€˜netsh wlanâ€™ context output	{Computername}_8021x-Netsh-WLAN.txt
Background Intelligent Transfer Service (BITS) information via â€˜BitsAdmin /listâ€™ command output	{Computername}_BITS-BitsAdmin-List.txt
Dynamic Host Configuration Protocol (DHCP) Server information via â€˜netsh dhcp serverâ€™ context output	{Computername}_DhcpServer-Netsh.txt
Windows Internet Name Service (WINS) Server information via â€˜netsh wins serverâ€™ context output	{Computername}_WinsServer-Netsh.txt
Windows Internet Name Service (WINS) client â€“ Netbios cache via â€˜nbtstat.exe â€“câ€™ command output	{Computername}_WinsClient-NetbiosCache.txt
Remote Procedure Call (RPC) general information via â€˜netsh rpcâ€™ context output	{Computername}_RPC-Netsh.txt
Displays the current Windows HTTP Services (WinHTTP) proxy information via â€˜netsh winhttp show proxyâ€™ output	{Computername}_WinHttp-Netsh.txt

Printers and Print drivers

Collapse this tableExpand this table

Description	File Name
Printers and Print driver information, including drivers, print monitors, print processors	{Computername}_PrintInfo.*

Directory Services Related Information

Collapse this tableExpand this table

Description	File Name
Netlogon service log file (\Windows\Debug\Logs\netlogon.log)	{Computername}_Netlogon.log
Winlogon log file (\Windows\security\logs\winlogon.log)	{Computername}_Winlogon.log
Security Templates currently cached on the system (From \Windows\Security\Templates\Policies)	{Computername}_AppliedSecTempl.txt
Gathers the user privilege settings using showpriv.exe tool	{Computername}_Userrights.txt
Networking Setup/ Domain Join related information	{Computername}_Netsetup.log

Registry Keys

Collapse this tableExpand this table

Description	File Name
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall HKLM\Software\Microsoft\Windows NT\CurrentVersion\Hotfix HKCU\SOFTWARE\Policies\Microsoft HKLM\Software\Policies\Microsoft HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer HKLM\SYSTEM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon HKLM\Software\Microsoft\Active Setup HKCU\Software\Microsoft\Active Setup HKLM\Software\Microsoft\Windows NT\CurrentVersion HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions HKLM\SYSTEM\CurrentControlSet\Control\ProductOptions HKCU\Software\Microsoft\Windows NT\Currentversion\AppCompatFlags HKCU\Software\Microsoft\Java VM HKLM\Software\Microsoft\Windows\CurrentVersion\NetCache HKLM\Software\Microsoft\EAPOL\Parameters\General\Global HKLM\Software\Microsoft\NetworkAccessProtection HKLM\Software\Microsoft\Windows NT\CurrentVersion\NetworkList	{Computername}_reg_Software.txt
HKLM\System\MountedDevices HKLM\Hardware\DESCRIPTION\System\CentralProcessor HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider HKLM\System\CurrentControlSet\Control\Session Manager\Power HKLM\SYSTEM\CurrentControlSet\Control\Lsa HKLM\System\CurrentControlSet\Control\Session Manager HKLM\SYSTEM\CurrentControlSet\Control\TimeZoneInformation HKLM\SYSTEM\CurrentControlSet\Control\Video HKLM\System\CurrentControlSet\Services\napagent HKLM\System\CurrentControlSet\Services\Afd HKLM\System\CurrentControlSet\Services\BITS HKLM\System\CurrentControlSet\Services\Dhcp HKLM\System\CurrentControlSet\Services\DHCPServer HKLM\System\CurrentControlSet\Services\Dnscache HKLM\System\CurrentControlSet\Services\DNS HKLM\System\CurrentControlSet\Services\IPsec HKLM\System\CurrentControlSet\Services\PolicyAgent HKLM\System\CurrentControlSet\Services\lanmanserver HKLM\System\CurrentControlSet\Services\LanmanWorkstation HKLM\System\CurrentControlSet\Services\MpsSvc HKLM\System\CurrentControlSet\Services\MRxDav HKLM\System\CurrentControlSet\Services\WebClient HKLM\System\CurrentControlSet\Services\MrxSmb HKLM\System\CurrentControlSet\Services\MrxSmb10 HKLM\System\CurrentControlSet\Services\MrxSmb20 HKLM\System\CurrentControlSet\Services\rdbss HKLM\System\CurrentControlSet\Services\MUP HKLM\System\CurrentControlSet\Services\NetBT HKLM\System\CurrentControlSet\Services\Netlogon HKLM\System\CurrentControlSet\Services\RasMan HKLM\System\CurrentControlSet\Services\SharedAccess HKLM\System\CurrentControlSet\Services\wscsvc HKLM\System\CurrentControlSet\Services\SMB HKLM\System\CurrentControlSet\Services\Tcpip HKLM\System\CurrentControlSet\Services\Tcpip6 HKLM\System\CurrentControlSet\Services\VSS HKLM\System\CurrentControlSet\Services\Winsock HKLM\System\CurrentControlSet\Services\Winsock2	{Computername}_reg_System.txt
HKLM\System\MountedDevices	{Computername}_reg_MountedDevices.hiv
HKCU\Network	{Computername}_reg_NetworkConnections.TXT
HKLM\System\CurrentControlSet\Control\CrashControl HKLM\System\CurrentControlSet\Control\Session Manager HKLM\System\CurrentControlSet\Control\Session Manager\Memory Management HKLM\Software\Microsoft\Windows NT\CurrentVersion\AeDebug HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options HKLM\Software\Microsoft\Windows\Windows Error Reporting HKLM\Software\Policies\Microsoft\Windows\Windows Error Reporting	{Computername}_reg_Recovery.txt
HKCU\Software\Microsoft\Windows\CurrentVersion\Run HKCU\Software\Microsoft\Windows\CurrentVersion\Runonce HKCU\Software\Microsoft\Windows\CurrentVersion\RunonceEx HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run HKLM\ Software\Microsoft\Windows\CurrentVersion\Run HKLM\Software\Microsoft\Windows\CurrentVersion\Runonce HKLM\Software\Microsoft\Windows\CurrentVersion\RunonceEx HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad" HKCU\Software\Microsoft\Windows NT\CurrentVersion\Load HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Run HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\UserInit	{Computername}_reg_Startup.txt
HKLM\SYSTEM\CurrentControlSet\Control\Print	{Computername}_reg_Print.*
HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server HKLM\Software\Microsoft\Windows NT\CurrentVersion\Terminal Server HKLM\Software\Microsoft\Windows NT\CurrentVersion\Terminal Server Web Access HKLM\System\CurrentControlSet\Services\TermService HKLM\System\CurrentControlSet\Services\TermDD	{Computername}_reg_TermServer.txt
HKLM\Software\Microsoft\Internet Explorer HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\IEXPLORE.EXE HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings HKCU\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings HKLM\Software\Microsoft\Internet Domains HKLM\Software\Microsoft\Internet Connection Wizard HKCU\Software\Microsoft\Internet Connection Wizard HKLM\Software\Microsoft\Internet Account Manager HKCU\Software\Microsoft\Internet Account Manager HKLM\Software\Microsoft\IEAK HKCU\Software\Microsoft\IEAK HKLM\Software\Microsoft\IEAK6 HKLM\Software\Microsoft\IE Setup	{Computername}_reg_IE.txt
HKLM\System\CurrentControlSet\Services\iScsiPrt HKLM\Software\Microsoft\iSCSI Target HKLM\Software\Microsoft\Windows NT\CurrentVersion\iSCSI	{Computername}_reg_iSCSI.*
HKLM\Software\Microsoft\iSCSI Target	{Computername}_reg_iSCSI_Target.hiv
HKLM\Software\Microsoft\Windows NT\CurrentVersion\iSCSI	{Computername}_reg_CurrentVersion_iSCSI.HIV
HKLM\System\CurrentControlSet\Control\MPDev HKLM\System\CurrentControlSet\Control\iSCSIPrt HKLM\System\CurrentControlSet\Services\MSiSCSI HKLM\System\CurrentControlSet\Services\MSDsm HKLM\System\CurrentControlSet\Services\MPIO HKLM\System\CurrentControlSet\Control\Class\{4d36e97b-e325-11ce-bfc1-08002be10318} HKLM\System\CurrentControlSet\Services\Tcpip	{Computername}_reg_Storage.txt
HKLM\Software\Microsoft\Exchange HKLM\System\CurrentControlSet\Services\MSExchangeActiveSyncNotify HKLM\System\CurrentControlSet\Services\MSExchangeADDXA HKLM\System\CurrentControlSet\Services\MSExchangeAL HKLM\System\CurrentControlSet\Services\MSExchangeDSAccess HKLM\System\CurrentControlSet\Services\MSExchangeES HKLM\System\CurrentControlSet\Services\MSExchangeFBPublish HKLM\System\CurrentControlSet\Services\MSExchangeIS HKLM\System\CurrentControlSet\Services\MSExchangeMGMT HKLM\System\CurrentControlSet\Services\MSExchangeMTA HKLM\System\CurrentControlSet\Services\MSExchangeMU HKLM\System\CurrentControlSet\Services\MSExchangeOMA HKLM\System\CurrentControlSet\Services\MSExchangeSA HKLM\System\CurrentControlSet\Services\MSExchangeSenderID HKLM\System\CurrentControlSet\Services\MSExchangeSRS HKLM\System\CurrentControlSet\Services\MSExchangeTransport HKLM\System\CurrentControlSet\Services\MSExchangeUCF HKLM\System\CurrentControlSet\Services\MSExchangeWEB HKLM\Software\Microsoft\MosTrace\CurrentVersion\DebugAsyncTrace HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\STORE.EXE	{Computername}_reg_Exchange.txt
HKLM\Cluster	{Computername}_reg_Cluster.hiv
HKLM\System\CurrentControlSet\Services\Clussvc	{Computername}_reg_Clussvc.txt
HKLM\System\CurrentControlSet\Services\Clusdisk	{Computername}_reg_Clusdisk.txt

()

Domain Controllers

Collapse this tableExpand this table

DescriptionÂ Â Â Â Â Â	File Name
Domain Controller Diagnostics Tool (dcdiag.exe) output	{Computername} _DCDiag.txt
Replication topology overview via â€˜repadmin.exe /showreplâ€™ output	{Computername}_repadmin.txt

Other

Collapse this tableExpand this table

Description	File Name
Resultant Set of Policy (RSoP) generated by gpresult.exe utility	{Computername}_GPResult.*
Schedule Tasks information (csv and txt) generated by schtasks.exe utility	{Computername}_schtasks.*
System Information - MSInfo32 tool output â€“ txt and nfo formats	{Computername}_msinfo32.*
Volume Shadow Copy Service (VSS) information	{Computername}_VSSAdmin.txt
Windows basic activation information via %windir%\system32\slmgr.vbs	{Computername}_KMSActivation.txt
Operating system Boot options file (Boot.ini)	{Computername}_BOOT.INI
Hyperthread capable processor information	{Computername}_HyperThread.txt
Information about process and threads using pstat.exe tool	{Computername}_PStat.txt
SP Catalog Logging file (Windows\System32\catroot2 \DBErr.txt)	{Computername}_DBErr.txt
Windows Update Reporting Events log file (from WINDOWS\SoftwareDistribution)	{Computername}_ReportingEvents.log
Windows Update log file (from windows folder)	{Computername}_WindowsUpdate.log
List Performance information from top Processes, such as memory usage, handle count and number of threads, as well as kernel memory allocation information	{Computername}_ProcessPerfInfo.*

Windows 2000, XP, Windows Server 2003

Cluster Servers

Collapse this tableExpand this table

DescriptionÂ Â Â Â Â Â	File Name
Cluster MPS Tool (clusmps.exe) output	{Computername} _Cluster_MPS_Information.txt
Cluster Resource Properties from cluster.exe utility	{Computername}_Cluster_Properties.txt
Cluster Resources information from cluster.exe utility	{Computername}_Cluster_Resources.txt
Chkdsk utility log files from \Windows\Cluster folder	{Computername}_Chkdsk*.log
Cluster Service Setup Log	{Computername}_ClCfgSrv.log
Cluster log file	{Computername}_Cluster.log

Domain Controllers

Collapse this tableExpand this table

DescriptionÂ Â Â Â Â Â	File Name
Group Policy Verification Tool (gpotool.exe) output	{Computername}_gpotool.txt
current list of operations master role holders via â€˜netdom query fsmoâ€™ output	{Computername}_netdomfsmo.txt
Description of share permissions on Sysvol Share via subinacl tool	{Computername}_SysvolSharePerms.txt

Other

Collapse this tableExpand this table

DescriptionÂ Â Â Â Â Â	File Name
User environment debug log (UserEnv.*) from \windows\debug\usermode	{Computername}_userenv.log
Service Pack installation log file (from Windows folder)	{Computername}_Svcpack.log
Update Installation Logs (KB*.log located on Windows folder)	{Computername}_KB*.log

Windows Vista or Windows Server 2008

Hyper-V Role

Collapse this tableExpand this table

DescriptionÂ Â Â Â Â Â	File Name
Event Log - Hyper-V related event logs (Microsoft-Windows-Hyper-V*) â€“ Text, csv and evtx formats	{Computername}_evt_HyperV.
Hyper-V Configuration and Virtual Machine Information	{Computername}_HyperV-Info.htm
Hyper-V Virtual Machine Definition files from %ProgramData%\Microsoft\Windows\Hyper-V\Virtual Machines\*.xml	{Computername}_{VirtualMachineGUID}.xml

FailoverCluster Feature

Collapse this tableExpand this table

Description	File Name
All files from the \windows\cluster\reports folder	{Computername}_ClusterReports.
Server manager log file located at %windir%\logs\ServerManager.log	{Computername}_ServerManager.log
Registry key HKLM\System\CurrentControlSet\Services\ClusDisk	{Computername}_Clusdisk.txt
Registry key HKLM\System\CurrentControlSet\Services\ClusSvc	{Computername}_ClussvcRegistry.txt
Output from â€˜Cluster . RESâ€™ command line utility, listing resources and properties	{Computername}_Cluster_Res_Properties_All.txt
Cluster log files generated by running â€˜cluster.exe logâ€™	{Computername}_Cluster.Log
Cluster MPS Tool (clusmps.exe) output	{Computername} _Cluster_MPS_Information.txt

Server Manager/ Roles information

Collapse this tableExpand this table

Description	File Name
Information about server roles installed on a server generated by servermanagercmd.exe	{Computername}_ServerManagerCmdQuery.*
Server manager log file located at %windir%\logs\ServerManager.log	{Computername}_ServerManager.log

Boot Information

Collapse this tableExpand this table

Description	File Name
Output from bcdedit.exe utility	{Computername}_BCDEdit.txt {Computername}_BCD-Backup.bak

Deployment Logs

Collapse this tableExpand this table

Description	File Name
Setupact.log from folders: %windir% %windir%\Panther %windir%\Panther\UnattendedGC	{Computername}_Setupact-*.log
Setupapi logs located on %windir%\inf folder	{Computername}_SetupApi.app.log {Computername}_SetupApi.evt.log {Computername}_SetupApi.offline.log
Setuperr.log located on Windows folder	{Computername}_Setuperr.log
Upgrade log â€“ SetupReport.txt from windows\panther folder	{Computername}_SetupReport.txt

Servicing logs

Collapse this tableExpand this table

Description	File Name
Component-Based Servicing Logs located on %windir%\Logs\CBS	{Computername}_CBS*.log
DPX Setup Act log located on %windir%\logs\DPX	{Computername}_setupact.log"
Pending Operations Queue Exec log located on %windir%\winsxs	{Computername}_poqexec.log
Windows Side-by-Side Pending Bad log located on %windir%\ winsxs	{Computername}_pending.xml.bad
Windows Side-by-Side Pending log located on %windir%\ winsxs	{Computername}_pending.xml

ServerCore Installation Option Media

Collapse this tableExpand this table

Description	File Name
Installed roles and component (output from oclist.exe command)	{Computername}_OCList*.log
Windows Update, Remote Desktop and other information configured by scregedit.wsf script	{Computername}_Scregedit.txt

Domain Controllers

Collapse this tableExpand this table

DescriptionÂ Â Â Â Â Â	File Name
Domain Controller promotion debug log from \Windows\debug folder	{Computername}_DCPromo.log

Networking Related Information

Collapse this tableExpand this table

Description	File Name
Networking Setup/ information about the attempts to join domains	{Computername}_netsetup.log
Current configuration settings for Network Access Protection (NAP) via â€˜netsh nap client exportâ€™ command	{Computername}_NapClient-Export.xml
Network Access Protection (NAP) client information via â€˜netsh nap clientâ€™ context output	{Computername}_NapClient-Netsh.txt
Windows Firewall with Advanced Security general information via â€˜netsh advfirewall showâ€™ context output	{Computername}_Firewall-Netsh-AdvFw.txt
Windows Firewall with Advanced Security computer security connection rules via â€˜netsh advfirewall consecâ€™ context output	{Computername}_Firewall-Netsh-AdvFw-ConSec-Rules.txt
Windows Firewall with Advanced Security firewall rules via â€˜netsh advfirewall firewallâ€™ context output	{Computername}_Firewall-Netsh-AdvFw-Fw-Rules.txt
Information about current Firewall policy via â€˜netsh advfirewall exportâ€™ command	{Computername}_Firewall-Netsh-AdvFw-Export.wfw
Hypertext Transfer Protocol (HTTP) service information via â€˜netsh httpâ€™ context output	{Computername}_Http-Netsh.txt
Network Input Output (NETIO) binding filters via â€˜netsh netio show bindingfiltersâ€™ command	{Computername}_TCPIP-Netsh-NetIO.txt

Additional Information

In addition to the files collected and listed above, this SDP Manifest can detect one or more of the following situations:

Â·Â Â Â Â Â Â Â Â Â Machine is running on a virtual environment

Â·Â Â Â Â Â Â Â Â Â Presence of a machine memory dumps in the past 30 days

Â·Â Â Â Â Â Â Â Â Â Presence of a user mode memory dumpsÂ in the past 30 days

Â·Â Â Â Â Â Â Â Â Â Problems related with machine memory dump configuration that could avoid a memory dump to be generated

Â·Â Â Â Â Â Â Â Â Â Presence of services that could interfere on memory dump generation

Â·Â Â Â Â Â Â Â Â Â Unexpected Shutdown Event Logs on System Log from past 30 days (Events 50 from EventLog)

Â·Â Â Â Â Â Â Â Â Â Machine Memory Dump related event logs on System log from past 30 days (Events 1001 from Save Dump)

Â·Â Â Â Â Â Â Â Â Â Srv related event logs 2020 and 2021 from the past 30 days

Â·Â Â Â Â Â Â Â Â Â Processes with a higher number of handles (above 40,000 handles)

Â·Â Â Â Â Â Â Â Â Â Machine has low number of System Page Entries (below 5,000)

Â·Â Â Â Â Â Â Â Â Â Machine is in low available memory condition (Machine committed limit above 85%)

Â·Â Â Â Â Â Â Â Â Â Any Kernel pool memory tag using more than 60% of all allocated memory.

Â·Â Â Â Â Â Â Â Â Â Non-Supported version of a Service Pack

Â·Â Â Â Â Â Â Â Â Â Non-Supported operating system versions

ReferencesÂ Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â

KB 926079 - Frequently asked questions about the Microsoft Support Diagnostic Tool (MSDT)
http://kbalertz.com/Feedback.aspx?kbNumber=926079 (http://kbalertz.com/Feedback.aspx?kbNumber=926079)

Back to the top

Note This is a "FAST PUBLISH" article created directly from within the Microsoft support organization. The information contained herein is provided as-is in response to emerging issues. As a result of the speed in making it available, the materials may include typographical errors and may be revised at any time without notice. See Terms of Use (http://go.microsoft.com/fwlink/?LinkId=151500) for other considerations.

Back to the top

APPLIES TO

Microsoft Windows 2000 Server
Microsoft Windows Server 2003 Service Pack 2
Microsoft Windows XP Professional
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003 R2 Enterprise Edition (32-Bit x86)
Microsoft Windows Server 2003 R2 Enterprise x64 Edition
Microsoft Windows Server 2003 R2 Standard Edition (32-bit x86)
Microsoft Windows Server 2003 R2 Standard x64 Edition
Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
Microsoft Windows Server 2003, Datacenter x64 Edition
Microsoft Windows Server 2003, Enterprise x64 Edition
Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
Windows Vista Enterprise 64-bit Edition
Windows Vista Ultimate 64-bit Edition
Windows Vista Business
Windows Vista Business 64-bit Edition
Windows Vista Enterprise
Windows Vista Ultimate
Windows Server 2008 for Itanium-Based Systems
Windows Server 2008 Datacenter
Windows Server 2008 Enterprise
Windows Server 2008 Standard

Back to the top

KB2277908

Back to the top

Community Feedback System

Very often, it takes hours to solve a problem. Very often, you've looked high and low, and have tried a lot of solutions. When you finally found it, chances are, it was because someone else helped you. Here's your chance to give back. Use our community feedback tool to let others know what worked for you and what didn't.

Please also understand that the community feedback system is not warranted to be correct, it's simply a system that we've built to let people try and help each other. If something in a feedback response doesn't make sense to you, or you're not comfortable making changes that the feedback talks about (like registry edits), please consult a professional.

Thank you for using kbAlertz.com Feedback System.

-- Scott Cate


	Copyright © 2002-2007 KBALERTZ.COM. All Rights Reserved. Terms / Privacy. Discount ASP.NET Hosting