Purpose
This document outlines how to run a DPDTrace. This may be necessary when troubleshooting detection issues.
Steps
DPD stands for Dynamic Product Detection. It’s the method our scan engine uses to determine what supported products are installed on the machine. This tool was created for troubleshooting patch scan issues where we need to know what is going on during the DPD process.
.Net Framework v4.0.30319 or newer needs to be installed for this to work
- Download DPDTrace.zip (See attachment at bottom of this page) and extract the file into a folder on the root of C:\
- Read Disclaimer.txt.
- Open a Command Prompt and change directory to C:\DPDTrace
- Enter the following command, replacing {MACHINE_NAME} {ADMIN_USER_NAME} {PASSWORD} and {PATCHTYPE} with corresponding values. ({MACHINE_NAME} has to be the Target machine that is having the detection problem
DPDTrace.bat {MACHINE_NAME} {ADMIN_USER_NAME} {PASSWORD} {PATCHTYPE}
Notes:
- Failure to supply any one of these values ({MACHINE_NAME} {ADMIN_USER_NAME} and {PASSWORD}) will cause the test to fail.
- {ADMIN_USER_NAME} needs to be in the format domain\username
- {PATCHTYPE} has the following possible values:
- 1 - Security patches
- 4 - Security tools
- 8 - Non-Security patches
- 9 - Security and non-security patches
- 13 - Security, non-security and tools
Unless explicitly asked to use a different variable here, use 13 to include all patch types.
Example of the command:
- If you want to use a specific hf7b.xml, just copy it into the extracted folder\HF7B.
- If you are in an offline environment, you must download the HF7b file directly and place it in the Extracted folder\HF7Bfolder
- Link to latest HF7b File http://xml.shavlik.com/data/hf7b.xml (Right Click on link and choose Save Target As)
- If you need to scan with a older scan engine, you may do so. Please add the VERSION number to the end. If no version is specified, it will use the 9.0.651 scan engine. Possible values:
- 7.8.5
- 8.0.43
- 9.0.651
- 9.1.1037
Example:
DPDTrace.bat {MACHINE_NAME} {ADMIN_USER_NAME} {PASSWORD} {PATCHTYPE} {VERSION}
5. When the command line is run, a window titled 'Rename HF.1 Log' will appear with an OK button. Do not close this window as the scan continues.
6. When the scan has completed the command prompt window will say 'Test Complete Please zip up HFCLi folder and send it back to us'. Please verify that an XML document has been created in the HFCLI folder. If it has, please zip up the directory "C:\DPDTrace\HFCLI" and send it back for analysis.
Additional Information
Please include the following registry exports from the target machine. This will not only save time, it will also greatly increase our chances of determining the root cause of the detection issue and correcting it.
- HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432\Microsoft\Windows\CurrentVersion\Uninstall
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products
Affected Products
All