Summary

The Support Diagnostics Platform (SDP) manifest file is designed to collect relevant registry data, configuration files, and event log information to help troubleshoot common System Center Endpoint Protection support issues. This article provides details on the data collected by the System Center Endpoint Protection Diagnostics.

More Information

This article describes the information that may be collected from a machine when running System Center Endpoint Protection Diagnostics

 

Information Collected

WMI information

Description

File Name

EP related info from WMI

{Computername}_EP_CCM_WMI.log



Virtualization Information

Description

File Name

Virtualization Information Output

{Computername}_Virtualization.TXT

{Computername}_Virtualization.htm



System State Information

Description

File Name

Scheduled tasks

{Computername}_schtasks.csv

{Computername}_schtasks.txt

Services

{Computername}_SC_Services_Output.txt

Running processes

{Computername}_TaskList.txt

Environment Variables

{Computername}_EnvironmentVariables.txt

Filter Manager - Minifilter drivers and instances

{Computername}_Fltmc.TXT



System Information

Description

File Name

NFO Format

{Computername}_msinfo32.nfo

Text Format

{Computername}_msinfo32.txt



System Center Configuration

Description

File Name

Agent Logs (CAB)

{Computername}_ConfigMgrAgentLogs.CAB



Resultant Set of Policy (RSoP)

Description

File Name

GPResult /z output

{Computername}_GPResult.txt

GPResult /H output

{Computername}_GPResult.htm



Installed updates/hotfixes

Description

File Name

Update/Hotfix history

{Computername}_Hotfixes.TXT

{Computername}_Hotfixes.htm

{Computername}_Hotfixes.CSV



File/Folder information

Description

File Name

Antimalware APPData tree

{Computername}_EP_APPDATA_TREE.log



Event Log Files

Description

File Name

Application

{Computername}_evt_Application.csv

{Computername}_evt_Application.evtx

{Computername}_evt_Application.txt

System

{Computername}_evt_System.evtx

{Computername}_evt_System.csv

{Computername}_evt_System.txt



EP Setup Logs

Description

File Name

Setup Logs (the number of files may differ as well as additional uninstall files depending on re-install/uninstall attempts)

{Computername}_MSSecurityClient_Setup_FEP_Install.log

{Computername}_MSSecurityClient_Setup_epp_Install.log

{Computername}_MSSecurityClient_Setup_mp_ambits_Install.log

{Computername}_EppSetup.etl

{Computername}_Providers.etl

{Computername}_Application.etl

{Computername}_EppSetup.log

{Computername}_EppSetupResult.ini



EP Information

Description

File Name

Definition Update diagnostics

{Computername}_DefsAnalysis.log



Collecting Log files

Description

File Name

Windows Security Center

{Computername}_SecurityCenter.txt



AutoRuns Information

Description

File Name

Autoruns output

{Computername}_Autoruns.htm

{Computername}_Autoruns.XML



Antimalware client support files

Description

File Name

Antimalware client support files

MPSupportFiles.cab

MPLog-<date>-<time>.log

MPDetection-<date>-<time>.log

References                                                                                                                           

KB 926079 - Frequently asked questions about the Microsoft Support Diagnostic Tool (MSDT)
http://support.microsoft.com/kb/926079

Need more help?

Expand your skills
Explore Training
Get new features first
Join Microsoft Insiders

Was this information helpful?

What affected your experience?

Thank you for your feedback!

×