Jump to content




System Diagnostic Tool

Tom Beck

What is the System Diagnostic Tool?

The System Diagnostic Tool (SDT) will allow users to generate a "support package" for Immunet Support to help them diagnose issues that they may encounter with Immunet Protect Beta version. When the user clicks the SDT menu item, SDT will generate a file to the user's desktop, which the user can then mail to Immunet Support as an attachment along with a bug report.


Using the System Diagnostic Tool (SDT)?

Using the SDT is straightforward. First, users open the Immunet folder from the Start menu by opening Start -> All Programs -> Immunet Protect.




Second, launch SDT, the user can click on the Systems Diagnostic Tool menu item. Once the item has been clicked, no apparent changes will take place. However, the user will now see a new file on appear on the desktop. It will look similar to the following screenshot.




The file is a zip archive that contains a number of log files that Immunet Protect generates in the course of normal operations. It also contains debug data that Immunet generates when users click on the menu item.


This archive will look empty if it is inspected with Windows Explorer. It is not. It appears this way because Immunet uses different compression libraries than those used by Explorer. Popular unzip programs like 7Zip or Winzip will open these files if the user wishes to view the contents.


What is in the System Diagnostic Tool archive?

The following is a list of all the files Immunet places in the SDT archive and a description of the data within each file:


Files Details  
agent.exe.log This is a synopsis of all the Immunet Protect "agent" activity, including issues related to communication and access (such as history.db, cache.db and kernel driver).
ipsupporttool.log This includes a detailed description of the user's system including: language, time zone, operating system, and patch level. It also includes a detailed list of all kernel drivers that are loaded on the user's computer and their respective locations, as well as all registered Windows services.
iptray.exe.log This file contains records of all issues that are specific to the Immunet Protect user interface (iptray.exe).  
cache.db This is a SQLite database that shows all of the user's cached file lookups. This includes the lookup to the Immunet Cloud and the response from the Immunet Cloud.  
history.db This is a SQLite database that shows all of the user's file copies, downloads, convictions, quarantine items, and quarantine roll backs.
local.xml Contains all of the local environment variables the user may set in Immunet Protect.  
global.xml Contains all of the global environment variables the user may set in Immunet Protect.
install.log Shows a detailed history of the installation process. This includes installation paths, driver load successes and failures, and general product file creation at install time.


Event Logs

From time to time it is helpful for Immunet Support to see a user's event logs. This is particularly useful when users are experiencing installation failures in which the Immunet drivers are failing to load. Immunet has a quick batch file for Windows Vista and Windows 7 users to use. In order to facilitate the generation of event logs, users can copy the bolded text below into their clipboard and save it as "Eventlog.bat" on their desktop.


REM From http://technet.microsoft.com/en-us/library/cc749339(WS.10).aspx


SET outputdir=%USERPROFILE%\Desktop\EventLogs

mkdir "NaV"

wevtutil epl Application "NaV\Application.evtx"

wevtutil epl System "NaV\System.evtx"


Once this file is saved on the desktop, the user can follow these steps:

  • Right click on EventLogs.bat and select "Run As Administrator." This will leave a folder on your desktop entitled "EventLogs".
  • Zip the EventLogs folder. You can user standard zip or 7zip for this.
  • Email the zip file to support@immunet.com



User Feedback

Recommended Comments

There are no comments to display.

  • Create New...